www.pfizeruc.com Open in urlscan Pro
2606:4700::6812:dc1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pfizeruc.com/
Effective URL:
https://www.pfizeruc.com/
Submission: On July 23 via api (July 23rd 2024, 7:59:31 pm UTC) from US — Scanned from DE

Summary HTTP 105 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 105 HTTP transactions. The main IP is 2606:4700::6812:dc1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pfizeruc.com.
TLS certificate: Issued by E6 on July 1st 2024. Valid for: 3 months.

This is the only time www.pfizeruc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 91	2606:4700::68... 2606:4700::6812:dc1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.213.165.94 23.213.165.94	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.66.27 151.101.66.27	54113 (FASTLY) (FASTLY)
10	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
105	5

91 2606:4700::6812:dc1 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

pfizeruc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pfizeruc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.165.94 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-94.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.27 (San Francisco, United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	pfizeruc.com 2 redirects pfizeruc.com www.pfizeruc.com	556 KB
12	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 8781 metrics.brightcove.com — Cisco Umbrella Rank: 6121	1 KB
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 5742	287 KB
105	3

	Domain	Requested by
90	www.pfizeruc.com	1 redirects www.pfizeruc.com players.brightcove.net
10	metrics.brightcove.com
2	edge.api.brightcove.com	players.brightcove.net
1	players.brightcove.net	www.pfizeruc.com
1	pfizeruc.com	1 redirects
105	5

This site contains links to these domains. Also see Links.

Domain
www.thisislivingwithuc.com
www.pfizer.com
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
pfizeruc.com E6	`2024-07-01` - `2024-09-29`	3 months	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-19` - `2025-04-18`	a year	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-14` - `2025-01-14`	a year	crt.sh
metrics.brightcove.com WR3	`2024-07-15` - `2024-10-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.pfizeruc.com/
Frame ID: F8A044FB1AB174DB5AFF52BE24157F20
Requests: 104 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Eric took steps to manage his UC and get back to what he loves.

Page URL History Show full URLs

http://pfizeruc.com/ HTTP 307
https://pfizeruc.com/ HTTP 301
https://www.pfizeruc.com/ Page URL

Page Statistics

105
Requests

96 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

848 kB
Transfer

1706 kB
Size

2
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thisislivingwithuc.com/
Title: Learn more about living with UC

Search URL Search Domain Scan URL

URL: https://www.thisislivingwithuc.com/work-with-your-doctor
Title: Visit ThisIsLivingWithUC.com

Search URL Search Domain Scan URL

URL: https://www.pfizer.com/

Search URL Search Domain Scan URL

URL: https://www.pfizer.com/privacy
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.pfizer.com/general/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.pfizer.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://twitter.com/Pfizer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Pfizer

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/pfizer

Search URL Search Domain Scan URL

URL: https://www.instagram.com/pfizerinc/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/Pfizer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pfizeruc.com/ HTTP 307
https://pfizeruc.com/ HTTP 301
https://www.pfizeruc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://www.pfizeruc.com/favicon.ico HTTP 301
https://www.pfizeruc.com/assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pfizeruc.com/
Redirect Chain

http://pfizeruc.com/
https://pfizeruc.com/
https://www.pfizeruc.com/

10 KB
6 KB

311ms
240ms

Document
text/html

2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f120319b019869dd8cf37b34ec855839b27d290e8c089cf21448a37619c90712

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=7200, must-revalidate
cdn-cache-control: max-age=172800, must-revalidate
cf-cache-status: HIT
cf-ray: 8a7e4028ba7da5f6-FRA
content-encoding: br
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-type: text/html; charset=utf-8
date: Tue, 23 Jul 2024 19:59:23 GMT
last-modified: Thu, 18 Jul 2024 08:13:37 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload
surrogate-key: v3--pfizeruccom--pfizer kKQEpWC1Y9MpEklP 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_metadata v3--pfizeruccom--pfizer_head 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970
vary: Accept-Encoding,X-Forwarded-Host
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 16, 0
x-content-type-options: nosniff
x-edison-type: Adobe
x-frame-options: SAMEORIGIN
x-franklin-ref: v3
x-served-by: cache-iad-kjyo7100038-IAD, cache-iad-kjyo7100038-IAD, cache-fra-eddf8230028-FRA
x-timer: S1721749813.439613,VS0,VE5
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=3600
cf-ray: 8a7e4027b977a5f6-FRA
content-length: 167
content-type: text/html
date: Tue, 23 Jul 2024 19:59:22 GMT
expires: Tue, 23 Jul 2024 20:59:22 GMT
location: https://www.pfizeruc.com/
server: cloudflare
vary: Accept-Encoding

GET
H2 200 scripts.js Show response
www.pfizeruc.com/scripts/ 10 KB
6 KB 462ms
462ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/scripts/scripts.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d2d4455c5f8e1e35386d24161232ca5e6ddd76898f3edb27cdd55ebf923cee6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 2766
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100086-IAD, cache-iad-kjyo7100086-IAD, cache-fra-eddf8230039-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code kJk8joN_j_LH5_3N
last-modified: Fri, 12 Jul 2024 13:05:43 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.678885,VS0,VE7
etag: "d5f14c58ee6ff6a14a74d02712039eea"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402a6cc1a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 16, 0

GET
H2 200 styles.css
www.pfizeruc.com/styles/ 451 B
757 B 570ms
570ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/styles.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f9f6b50759d6d5e72a4e0d7fee5ac53e00d08cf3dfa638df19fb305688d5bc7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: HIT, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 188
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100063-IAD, cache-iad-kjyo7100063-IAD, cache-fra-eddf8230027-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code Gvt_83YTDPUatpx2
last-modified: Fri, 14 Jun 2024 12:12:48 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.705656,VS0,VE94
etag: "d3c9d7c8b59a384566177b2576b35e88"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402a6cc2a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 101, 0

GET
H2 200 scripts.js Show response
www.pfizeruc.com/lib/scripts/ 12 KB
7 KB 314ms
313ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/scripts.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c485d438c10d91c6f8623feee914bbc5b1f295c31523de0a1bfd28350ae53c11

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/scripts/scripts.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 3878
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200083-IAD, cache-iad-kcgs7200083-IAD, cache-fra-eddf8230122-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code W3aPQ6adamEuLxdL
last-modified: Thu, 18 Jul 2024 18:27:56 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.001310,VS0,VE4
etag: "a6d0933e7197298d0e6ab2e7720d7269"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402d4854a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 11, 0

GET
H2 200 lib-franklin.js Show response
www.pfizeruc.com/lib/scripts/ 25 KB
10 KB 333ms
333ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1329ef4aee6f8b8eb0eecba2cc18a1b79de0fb309065a8a621117466ad023f33

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/scripts/scripts.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 7382
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100124-IAD, cache-iad-kjyo7100124-IAD, cache-fra-eddf8230141-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code mcxf9kucgNv143Ex
last-modified: Thu, 18 Jul 2024 18:27:56 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.021051,VS0,VE1
etag: "61180fde3a8ddbbd1602db338792432a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402d4858a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 14, 4

GET
H2 200 analytics-tracking.js Show response
www.pfizeruc.com/scripts/ 11 KB
5 KB 294ms
293ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/scripts/analytics-tracking.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f86ed12103e4c27375c9c414f932bb6dcd5cf19803cee306e20d863e52cd5f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/scripts/scripts.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 2024
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000169-IAD, cache-iad-kiad7000169-IAD, cache-fra-eddf8230082-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code tWmxP4i9qYTD3XYr
last-modified: Fri, 12 Jul 2024 13:05:43 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.986562,VS0,VE3
etag: "da1575191c59ff471e6899c5150263e5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402d485ba5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 184, 0

GET
H2 200 tokens.css
www.pfizeruc.com/lib/styles/ 10 KB
2 KB 335ms
331ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/styles/tokens.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6480b348fa865571101323ad22649d98234e5e2381a0dd16761c5b1355f1a93b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 1272
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200050-IAD, cache-iad-kcgs7200050-IAD, cache-fra-eddf8230099-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code sCc_wdUWb52tVYUE
last-modified: Thu, 18 Jul 2024 18:27:58 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.135086,VS0,VE2
etag: "2aab8955f2a94af8fd2cb2fbac568035"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402e091da5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 27, 0

GET
H2 200 styles.css
www.pfizeruc.com/lib/styles/ 45 KB
7 KB 332ms
328ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/styles/styles.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b43245f931a70af544c57cb6f2d58a15cf4bfb2f526bb19486957490c59a707

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 7046
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100073-IAD, cache-iad-kjyo7100073-IAD, cache-fra-eddf8230108-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code _GH3ZV2_9inIGzZM
last-modified: Thu, 18 Jul 2024 18:27:57 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.119604,VS0,VE4
etag: "575ee1ce7c1bcdc1eaf3fa3ef53ff414"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402e091fa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 23, 0

GET
H2 200 default.css
www.pfizeruc.com/styles/ 5 KB
2 KB 293ms
290ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/default.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b57ac5438f00cc908d3c3f3eaaa127754a10cedddb3709b244957e4415486989

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 1159
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200151-IAD, cache-iad-kcgs7200151-IAD, cache-fra-eddf8230096-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code u_oJFFuf4of_t40R
last-modified: Fri, 12 Jul 2024 13:05:44 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1720907363.518182,VS0,VE3
etag: "fc623d322f77211c74d45a26cd205aad"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402e0923a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 12, 0

GET
H2 200 three-column.css
www.pfizeruc.com/styles/sections/ 7 KB
2 KB 369ms
366ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/sections/three-column.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d4196ae87fe1ce2d341058507a1c71bbc8872d8a315a85b7fb88c2642b2b5e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: HIT, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 1411
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000120-IAD, cache-iad-kiad7000120-IAD, cache-fra-eddf8230089-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code j87DIM6SR8KMfpuD
last-modified: Fri, 12 Jul 2024 11:17:45 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.172996,VS0,VE3
etag: "9435b17a614590fc181fbca3eacc6f4a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402e0924a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 1, 3, 0

GET
H2 200 hero-banner.css
www.pfizeruc.com/styles/sections/ 7 KB
2 KB 416ms
413ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/sections/hero-banner.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c1df9b4fcae1d358445b436758f248e34a418ca86094ad60742c37fada98c0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: HIT, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 1388
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000149-IAD, cache-iad-kiad7000149-IAD, cache-fra-eddf8230075-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code Ur0MfgbbKqbnsF33
last-modified: Thu, 27 Jun 2024 16:19:15 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.122988,VS0,VE94
etag: "9425bf8e32b5a5e38de0af4ce65b9a7c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402e0926a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 26, 0

GET
H2 200 two-column-video.css
www.pfizeruc.com/styles/sections/ 9 KB
2 KB 323ms
320ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/sections/two-column-video.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3f479bbd9d938c09c19e7be949568fc470530ec89b1e2a3edf5a17250d0a595

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 1832
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000058-IAD, cache-iad-kiad7000058-IAD, cache-fra-eddf8230062-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code z3U7v6Z7O0GdFpP7
last-modified: Wed, 17 Jul 2024 06:09:43 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.094465,VS0,VE4
etag: "26c9810dd153f686068b2cfb0390c0c1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402e0927a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 24, 0

GET
H2 200 overlay.css
www.pfizeruc.com/styles/sections/ 2 KB
866 B 360ms
358ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/sections/overlay.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc074846ce272904261e8fe6628efd33e6e58e81d4f29df37a06fbc4d52e045d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 559
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000098-IAD, cache-iad-kiad7000098-IAD, cache-fra-eddf8230146-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code JACVx_Tlqq5k86I6
last-modified: Fri, 07 Jun 2024 13:57:42 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.067568,VS0,VE95
etag: "6a8315d45dacb62f2d9a7665fc29eab9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402e0928a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 103, 0

GET
H2 200 hero-video.css
www.pfizeruc.com/styles/sections/ 2 KB
805 B 431ms
429ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/sections/hero-video.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5172677afd790a2c2e93bc417503bd5c0db701f07a05f4df3df3ff5241951513

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 520
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000075-IAD, cache-iad-kcgs7200036-IAD, cache-fra-eddf8230149-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code ZXS482D_fmSNtfdf
last-modified: Mon, 03 Jun 2024 09:04:45 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1720907363.576068,VS0,VE90
etag: "2ca83f159377a070f6eaae994de4ff14"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402e092aa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 168, 0

GET
H2 200 card-carousel.css
www.pfizeruc.com/styles/sections/ 26 KB
4 KB 373ms
372ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/sections/card-carousel.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba9779120d0e2a82750f83845a5f3ed3dd65bfce9f052c2eb3c5d9651ad06d99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 3905
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000096-IAD, cache-iad-kiad7000096-IAD, cache-fra-eddf8230021-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code 1xI1ASv2ucVg0g3_
last-modified: Fri, 12 Jul 2024 13:05:44 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.168899,VS0,VE4
etag: "6eaeb24d44beb63959b141001ccaa0fb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402e092ba5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 5, 0

GET
H2 200 analytics.js Show response
www.pfizeruc.com/lib/scripts/ 4 KB
4 KB 251ms
250ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/analytics.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe2e4cea59bf4863a0e098c3b83bbef9781186dabb69f701cbab437c5b18039

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/scripts/analytics-tracking.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 1580
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000172-IAD, cache-iad-kiad7000172-IAD, cache-fra-eddf8230070-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code w3vvs5rxeOnzXuW0
last-modified: Thu, 18 Jul 2024 18:27:54 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721397213.442040,VS0,VE1
etag: "6d948575bbd2186e68cf82025f7463cc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402f2a80a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 25, 0

GET
H2 200 pfizer-utilities.js Show response
www.pfizeruc.com/lib/scripts/ 3 KB
4 KB 254ms
252ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/pfizer-utilities.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a690c72577af8f1e5adf201260f3b81cfe56a6c689969ba31e506c8083acb610

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/scripts.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 1314
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000098-IAD, cache-iad-kiad7000098-IAD, cache-fra-eddf8230060-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code nparkyx1OTAXVYFq
last-modified: Thu, 18 Jul 2024 18:27:56 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.258274,VS0,VE2
etag: "ce0d8a1ee948dbe2059228d4c489025f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402f4aada5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 14, 0

GET
H2 200 lang-helpers.js Show response
www.pfizeruc.com/lib/scripts/ 743 B
3 KB 257ms
255ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/lang-helpers.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

772d58a3a5fac3f7ae868ca03ce0ba821d5257565d90205b2f98fd3ae9e14b8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/scripts.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 342
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100158-IAD, cache-iad-kjyo7100158-IAD, cache-fra-eddf8230055-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code Qp0JUnW9HWvtVefe
last-modified: Thu, 18 Jul 2024 18:27:55 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.261794,VS0,VE3
etag: "c144af1e87b9595882d4aaf5b6846042"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402f4ab1a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 15, 0

GET
H2 200 core-utilities.js Show response
www.pfizeruc.com/lib/scripts/ 11 KB
7 KB 118ms
116ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/core-utilities.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a641b60226c712abfb6cd9f2cf28668470b99ae699b663aeebf6dc1cc94a7c49

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/scripts.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 3754
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000158-IAD, cache-iad-kiad7000158-IAD, cache-fra-eddf8230112-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code reEWqKqKH8mGhxRN
last-modified: Thu, 18 Jul 2024 18:27:55 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.125532,VS0,VE2
etag: "b6442e43f63fa16fe077965f3d79d860"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402f4ab3a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 16, 0

GET
H2 200 env.js Show response
www.pfizeruc.com/lib/ 716 B
3 KB 125ms
124ms Script
application/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/env.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6166c5801726215a38fe3ce626c384cb939b95c9e21b105bffa091eb1f04a142

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/scripts.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
referrer-policy: same-origin
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8a7e402f4ab4a5f6-FRA
x-edison-type: Adobe
x-xss-protection: 1; mode=block

GET
H2 200 overlay.js Show response
www.pfizeruc.com/lib/scripts/ 3 KB
4 KB 193ms
192ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/overlay.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa74356a5c6924460c94e3442b767842e4465d97e4a6d5afb62c8163b7d4c5a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/scripts.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 1327
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100029-IAD, cache-iad-kjyo7100029-IAD, cache-fra-eddf8230066-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code drbVZcybG0O8mp2M
last-modified: Thu, 18 Jul 2024 18:27:56 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.202226,VS0,VE2
etag: "6bb86ad4f3b8ef110ea9f876f84d53af"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402f4ab5a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 17, 0

GET
H2 200 block-renderer.js Show response
www.pfizeruc.com/lib/scripts/ 9 KB
6 KB 136ms
136ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/block-renderer.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9069084818f64468423cb9aa777f460424d0db5406034b2cbf039c08d785f1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/lib-franklin.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 2877
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100173-IAD, cache-iad-kjyo7100173-IAD, cache-fra-eddf8230120-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code 7ttr_OR_dHo7C1hS
last-modified: Thu, 18 Jul 2024 18:27:55 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.158823,VS0,VE7
etag: "69e465ae2c556b4178df99fdd186f8de"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402f6ad2a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 17, 0

GET
H2 200 common-decorators.js Show response
www.pfizeruc.com/lib/scripts/ 9 KB
6 KB 178ms
178ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/common-decorators.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb6b86d0451b5564486a0cfdcb045a092575b4a976f0aabd2ffea9f60f5c5a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/lib-franklin.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 2994
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000151-IAD, cache-iad-kiad7000151-IAD, cache-fra-eddf8230124-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code kKbR5jgyUxTTPuwc
last-modified: Thu, 18 Jul 2024 18:27:55 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.206627,VS0,VE5
etag: "e5b08ef9dc8be78940566697a9a20335"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402f6ad5a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 17, 0

GET
H2 200 tokens.css
www.pfizeruc.com/styles/ 2 KB
1 KB 227ms
226ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/tokens.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/default.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0d75e41c3718eecfda17d190a47b2db8a602a0b3c9c61fcb58485824cca06e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/default.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 622
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000035-IAD, cache-iad-kiad7000035-IAD, cache-fra-eddf8230049-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code Q4ScWk84FTAw92EP
last-modified: Fri, 12 Jul 2024 13:05:44 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.314232,VS0,VE3
etag: "2302e45261e1104827870d83262be183"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e402fdb8fa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 13, 0

GET
H2 200 mustache-min.mjs Show response
www.pfizeruc.com/lib/scripts/ 7 KB
6 KB 127ms
125ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/mustache-min.mjs

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb805864e715facdb9053e64f1d3d1494ce9a0783189769ee9785d7cc221a4e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/block-renderer.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 2580
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100178-IAD, cache-iad-kjyo7100178-IAD, cache-fra-eddf8230146-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code obiNFiI6m8CoHBBz
last-modified: Thu, 18 Jul 2024 18:27:56 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.286092,VS0,VE5
etag: "0435f9e5c3395c8d0fcb67b1f9241e9e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40304c33a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 14, 0

GET
H2 200 inputs.js Show response
www.pfizeruc.com/lib/scripts/ 3 KB
4 KB 131ms
129ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/inputs.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75126b074f7deca05db04acced3f1160dc6c6904f8bb6dd61779646aec5aef2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/block-renderer.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 980
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000097-IAD, cache-iad-kiad7000097-IAD, cache-fra-eddf8230146-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code uYXfGDmEI_JOcVU1
last-modified: Thu, 18 Jul 2024 18:27:55 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721397214.647483,VS0,VE2
etag: "56125b5955c6ed4e00e185e4c7e2ceac"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40304c38a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 17, 1

GET
H2 200 ext-links.js Show response
www.pfizeruc.com/lib/scripts/ 3 KB
4 KB 131ms
131ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/ext-links.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02d5c81b1dfaadd508f038a89472f13bdb0de462a8ac05c52d89c343fc9909f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/overlay.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 1111
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000021-IAD, cache-iad-kiad7000021-IAD, cache-fra-eddf8230094-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code JygnCMujY9pBFNHH
last-modified: Thu, 18 Jul 2024 18:27:55 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.339020,VS0,VE3
etag: "9865ce7022e46a08feafd6ddad8d0cbf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40308c88a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 15, 0

GET
H2 200 nav.plain.html Show response
www.pfizeruc.com/global/ 160 B
3 KB 261ms
261ms Fetch
text/html 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/global/nav.plain.html

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/core-utilities.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4cf27671ef365f8b8262254c1bc9c36a51ca9fde52f35793a963a9f3716d9fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200080-IAD, cache-iad-kcgs7200080-IAD, cache-fra-eddf8230146-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer IEqj6DUmPCT9XMn9 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_metadata v3--pfizeruccom--pfizer_head 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970
last-modified: Mon, 01 Jul 2024 16:13:45 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.512463,VS0,VE92
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: max-age=7200, must-revalidate
cf-ray: 8a7e40315d86a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 13, 0

GET
H2 200 fonts.css
www.pfizeruc.com/styles/ 38 B
641 B 206ms
206ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/fonts.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6e79d65e7ea7691e79664a5e7b37d886e605ee00041651b7084d71d8758af81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 58
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000068-IAD, cache-iad-kiad7000068-IAD, cache-fra-eddf8230154-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code O_UP8Reyr_JCgybi
last-modified: Fri, 24 May 2024 13:28:03 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.463414,VS0,VE91
etag: "1adb1493398c14f74c7f361a2fe6509e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40316d8ba5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 260, 0

GET
H2 200 play.svg Show response
www.pfizeruc.com/assets/icons/ 279 B
3 KB 123ms
121ms Fetch
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/play.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/common-decorators.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38463411c20bead3f10b45d444cafa650e5c9fbb33c9597a823bd83e1716fed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 225
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000105-IAD, cache-iad-kiad7000105-IAD, cache-fra-eddf8230061-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 3Mf2noW5sVxECZbA
last-modified: Tue, 25 Jun 2024 11:11:19 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.464322,VS0,VE5
etag: "e6bb4a355b26bfee0fc4db0c4347ef76"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40316d99a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 16, 0

GET
H2 200 left-arrow.svg Show response
www.pfizeruc.com/assets/icons/ 559 B
3 KB 281ms
279ms Fetch
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/left-arrow.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/common-decorators.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b7a4aef99a268e2d2af4849897122fc023ca158a92dedb62e4e0c41fc726e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 347
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000054-IAD, cache-iad-kiad7000054-IAD, cache-fra-eddf8230055-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 nR8pmvMW_mC7PngV
last-modified: Tue, 25 Jun 2024 11:11:19 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721397214.835122,VS0,VE91
etag: "247afc43d8dc7352dcddd024819a1e98"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40316d9aa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 22, 0

GET
H2 200 right-arrow.svg Show response
www.pfizeruc.com/assets/icons/ 754 B
4 KB 125ms
123ms Fetch
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/right-arrow.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/common-decorators.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38abb83622779025211784145df6b5e69de6b60717af8c4efc51e157e9770aa7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 436
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100034-IAD, cache-iad-kjyo7100034-IAD, cache-fra-eddf8230037-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 0SJ1PTZSidMgzELF
last-modified: Tue, 25 Jun 2024 11:11:19 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.461236,VS0,VE3
etag: "8277a25ea49dd4460a2a79d95fa70fc5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40316d9ca5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 16, 0

GET
H2 200 fullscreen.svg Show response
www.pfizeruc.com/assets/icons/ 751 B
3 KB 371ms
369ms Fetch
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/fullscreen.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/common-decorators.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a61ea7898eb87ff5864b9c409fe40a3bdc45f802d88a8efa5ee2f489da23da97

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 408
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000138-IAD, cache-iad-kiad7000138-IAD, cache-fra-eddf8230081-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 Z1rf18B6_Y2vCEdM
last-modified: Tue, 25 Jun 2024 11:11:19 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764764.448095,VS0,VE272
etag: "ca62200537e2bf4a5bbd9e32304d0961"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40316d9ea5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 2, 0

GET
H2 200 placeholders.json Show response
www.pfizeruc.com/ 4 KB
1 KB 210ms
209ms Fetch
application/json 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/placeholders.json

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

638e29e8b6ad979efff374288df0236f5f308825a94424dc0eda934f81af8230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
referrer-policy: same-origin
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-encoding: br
x-content-type-options: nosniff
x-franklin-ref: v3
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
cf-ray: 8a7e40316da1a5f6-FRA
x-edison-type: Adobe
x-xss-protection: 1; mode=block

GET
H2 200 media_17be65d7922b223002ce377a32820953e2b59491e.jpeg
www.pfizeruc.com/ 31 KB
32 KB 422ms
421ms Image
image/webp 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pfizeruc.com/media_17be65d7922b223002ce377a32820953e2b59491e.jpeg?width=2000&format=webply&optimize=medium

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b32a45faa06e34d6e2ea8cc1686979d10abd2e05b8b2831911fc1a3c548d50d3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by: vpop-kiad7010211
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=111688 idim=1440x900 ifmt=jpeg ofsz=31562 odim=1440x900 ofmt=webp
fastly-stats: io=1
content-length: 31562
cdn-cache-control: max-age=2592000, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100172-IAD, cache-iad-kjyo7100172-IAD, cache-fra-eddf8230060-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer main--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_media LwcaRtR3sTEzxbh0
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.562672,VS0,VE338
etag: "NF10iscP8ziqo5mOJVlR4jsWI2EdVL5d8Ogb1t9nrcw"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40323ebda5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 56, 0

GET
H2 200 fonts.css
www.pfizeruc.com/lib/styles/ 907 B
838 B 125ms
125ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/styles/fonts.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b8cdcb68c2e3ad79d01abd6c0ecf3e1925500a744d9c41f7bb6357b6e3a5f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/fonts.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 215
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200103-IAD, cache-iad-kcgs7200103-IAD, cache-fra-eddf8230107-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code wuCJpHdR5IKW09b9
last-modified: Thu, 18 Jul 2024 18:27:57 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721397215.384709,VS0,VE1
etag: "2f85e6ff7a5b66c0c7e425b07f6686c4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4032af6ba5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 24, 0

GET
H2 200 external-link-allowlist.json Show response
www.pfizeruc.com/global/popups/ 82 B
368 B 235ms
235ms Fetch
application/json 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/global/popups/external-link-allowlist.json

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/pfizer-utilities.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6709692c4ea946588a97676608eb110c363010c6e9a2932bc7ed9d0a543d7589

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 93
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200032-IAD, cache-iad-kcgs7200032-IAD, cache-fra-eddf8230108-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer mvNR6rS1ftfq1wAq 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970
last-modified: Wed, 12 Jun 2024 00:58:18 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.051473,VS0,VE92
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4034d9e1a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 19, 0

GET
H2 200 video-banner.css
www.pfizeruc.com/blocks/video-banner/ 7 KB
2 KB 126ms
124ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/blocks/video-banner/video-banner.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0dc15049c55861741a1740c1e1a520c2bab3d0c36c9aeb45c19bfd7c92eb64b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 1496
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000035-IAD, cache-iad-kiad7000035-IAD, cache-fra-eddf8230065-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code 9EPQu85z_Iw48v__
last-modified: Fri, 12 Jul 2024 13:05:43 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.030921,VS0,VE4
etag: "1b57bb2163193c1ba617c5e8971b15aa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4034e9e4a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 4, 0

GET
H2 200 video-banner.js Show response
www.pfizeruc.com/blocks/video-banner/ 6 KB
4 KB 177ms
175ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/blocks/video-banner/video-banner.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb429bf5d7df0bc7d017604e192fd799469db198cca557bf1dc84cbeb1a6ef71

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/lib-franklin.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 1498
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100110-IAD, cache-iad-kjyo7100110-IAD, cache-fra-eddf8230157-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code _qlUuHJXFrm4cUFu
last-modified: Fri, 12 Jul 2024 13:05:43 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1720907363.396554,VS0,VE2
etag: "e68eb586f1767e15e559bc60eeeb0cf3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4034e9eba5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 5, 0

GET
H2 200 cards.css
www.pfizeruc.com/blocks/cards/ 811 B
784 B 114ms
112ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/blocks/cards/cards.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76d8cc582264646863f88c9376523958d16972506b5b662634145bbbce1d905d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 389
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100125-IAD, cache-iad-kjyo7100125-IAD, cache-fra-eddf8230032-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code Uo_5rOatdR3xD2Nw
last-modified: Wed, 26 Jun 2024 07:39:31 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.021161,VS0,VE4
etag: "41c572803bea74ca2e2d45786fe79e28"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4034e9e7a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 158, 0

GET
H2 200 cards.js Show response
www.pfizeruc.com/blocks/cards/ 17 KB
6 KB 140ms
138ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/blocks/cards/cards.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb5428e9b33c0075eaacd0792f24ef74879cf3cc3d32bf017e530e2465607489

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/lib-franklin.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 3246
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200162-IAD, cache-iad-kcgs7200162-IAD, cache-fra-eddf8230024-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code NUImcJHp5b6zPDyJ
last-modified: Mon, 15 Jul 2024 15:26:44 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.043073,VS0,VE5
etag: "f9cc4b669392333907175d6f88fa03e9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4034e9eca5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 22, 0

GET
H2 200 columns.css
www.pfizeruc.com/blocks/columns/ 427 B
484 B 209ms
208ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/blocks/columns/columns.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e03487f3dc75a286c440bf80fbabe8f7f497b29d76aa03bdaa781b3d74bacbac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 210
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200170-IAD, cache-iad-kiad7000033-IAD, cache-fra-eddf8230121-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code F0r5XSMXL_etr1NX
last-modified: Fri, 24 May 2024 13:28:02 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.028754,VS0,VE92
etag: "2e755552ffa635bff8e1a6729cc849cf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4034e9e8a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 15, 0

GET
H2 200 columns.js Show response
www.pfizeruc.com/blocks/columns/ 568 B
3 KB 277ms
276ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/blocks/columns/columns.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4aa3133fa918126152fec139e17e39c86bb7bd7b99d5ec9d20f66498f7a60e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/lib-franklin.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 309
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200158-IAD, cache-iad-kcgs7200158-IAD, cache-fra-eddf8230097-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code h_G0hjJzw0i_XXkS
last-modified: Fri, 24 May 2024 13:28:02 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.087053,VS0,VE97
etag: "249d6f1990af6b08e13e2d8a44dc3723"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4034e9eda5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 1, 0

GET
H2 200 header.css
www.pfizeruc.com/blocks/header/ 5 KB
2 KB 180ms
179ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/blocks/header/header.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f90ed2dbba947925557114c44e7674fda88b8294f07992678b7bb5bddd2ce4f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 1353
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000081-IAD, cache-iad-kiad7000081-IAD, cache-fra-eddf8230157-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code o5TbRraDvVM8O3_6
last-modified: Fri, 12 Jul 2024 13:05:43 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.083431,VS0,VE3
etag: "0f79770519d2c32e076b034970588d5d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4034e9efa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 7, 0

GET
H2 200 header.js Show response
www.pfizeruc.com/blocks/header/ 6 KB
5 KB 148ms
147ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/blocks/header/header.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cd9b5b34b1aebcaa925a1a696536a9c11cde772a0353cffcc0e4e4124ad71dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/lib-franklin.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: HIT, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 1817
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200178-IAD, cache-iad-kcgs7200178-IAD, cache-fra-eddf8230103-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code dUQB9wWnlqCmnAi6
last-modified: Fri, 12 Jul 2024 11:17:44 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.051957,VS0,VE4
etag: "3380f710779b7682cb7f58777313a196"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4034e9f2a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 2, 0

GET
H2 200 footer.css
www.pfizeruc.com/lib/blocks/footer/ 9 KB
2 KB 169ms
168ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/blocks/footer/footer.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80ad82ea9386119a630e121fa0779791211a2a39aa188ab1e9d8578bfada4116

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 1508
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200116-IAD, cache-iad-kcgs7200116-IAD, cache-fra-eddf8230149-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code TFeF2iaGd60b4F3q
last-modified: Thu, 18 Jul 2024 18:27:44 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.073208,VS0,VE4
etag: "5c3c3036e7e58051b76bf4d9f93a6a10"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4034e9f0a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 27, 0

GET
H2 200 footer.js Show response
www.pfizeruc.com/lib/blocks/footer/ 4 KB
4 KB 240ms
239ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/blocks/footer/footer.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

364b5f4ba17bf921c32b7cd8152ef885a3f0fbc252a8cd8030b6843a85cff711

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/lib-franklin.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 1113
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100127-IAD, cache-iad-kjyo7100127-IAD, cache-fra-eddf8230128-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code n1NQbqXc9Qd7sivn
last-modified: Thu, 18 Jul 2024 18:27:44 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.138141,VS0,VE4
etag: "cca0c10218b4a012b45dafc2ea8f80e7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40350a21a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 23, 0

GET
H2 200 brightcove.js Show response
www.pfizeruc.com/scripts/ 3 KB
4 KB 140ms
140ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/scripts/brightcove.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6900c99ea3ec778bc57fa65bd922c0791941221994eac4125f344511b9bc8ffe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/blocks/cards/cards.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 953
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200170-IAD, cache-iad-kcgs7200170-IAD, cache-fra-eddf8230035-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code toRbNmslYrEJ1s7w
last-modified: Fri, 12 Jul 2024 13:05:43 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.168577,VS0,VE11
etag: "2b89e58ea4a177469f476efc25aa532b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4035cb0aa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 134, 0

GET
H2 200 nav.plain.html Show response
www.pfizeruc.com/global/ 160 B
0 0ms
0ms Fetch
text/html 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/global/nav.plain.html

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/blocks/header/header.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4cf27671ef365f8b8262254c1bc9c36a51ca9fde52f35793a963a9f3716d9fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200080-IAD, cache-iad-kcgs7200080-IAD, cache-fra-eddf8230146-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer IEqj6DUmPCT9XMn9 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_metadata v3--pfizeruccom--pfizer_head 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970
last-modified: Mon, 01 Jul 2024 16:13:45 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.512463,VS0,VE92
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: max-age=7200, must-revalidate
cf-ray: 8a7e40315d86a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 13, 0

GET
H2 200 pfizer-white.svg Show response
www.pfizeruc.com/assets/icons/ 9 KB
7 KB 186ms
185ms Fetch
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/pfizer-white.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/common-decorators.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d564ea261d5f2a623a87658882885287da9b882119707bd66f000e121ae76294

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 3676
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200106-IAD, cache-iad-kcgs7200106-IAD, cache-fra-eddf8230115-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 WO0LN2HpqG0Th1Ka
last-modified: Tue, 25 Jun 2024 12:26:31 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.152313,VS0,VE93
etag: "93926a27af2dde721bfc0de59a71cb53"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4035db17a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 2, 0

GET
H2 200 pfizer.svg Show response
www.pfizeruc.com/assets/icons/ 9 KB
7 KB 91ms
91ms Fetch
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/pfizer.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/common-decorators.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1a8e077f917b9c7afd2cc36e33071812a88df8cc8fa6aa62e6209cac6fe4c14

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 3685
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100057-IAD, cache-iad-kjyo7100057-IAD, cache-fra-eddf8230104-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 YhVLlJrkB45tX8L2
last-modified: Tue, 25 Jun 2024 12:24:18 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.142805,VS0,VE3
etag: "285bb4a4d987867186849505dcf786b6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4035db19a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 2, 0

GET
H2 200 pfizer-diatype-regular.woff2
www.pfizeruc.com/lib/fonts/ 49 KB
52 KB 114ms
114ms Font
font/woff2 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/fonts/pfizer-diatype-regular.woff2

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f756d371d8ed40df540d4b4528685bae6d446e4f6bc729a17557f646ea65492

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/styles/fonts.css
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 49937
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000021-IAD, cache-iad-kiad7000021-IAD, cache-fra-eddf8230151-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code cL7_iBNrztruf_7q
last-modified: Thu, 18 Jul 2024 18:27:49 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.172274,VS0,VE3
etag: "0179b931f6248385c9da1ecad10d65a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4035db1ca5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 22, 0

GET
H2 200 footer.plain.html Show response
www.pfizeruc.com/global/ 2 KB
4 KB 222ms
221ms Fetch
text/html 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/global/footer.plain.html

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/core-utilities.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02c3f6d848949b31ba78a8976a0105aef781eff6e14a293171248df11895096d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100092-IAD, cache-iad-kjyo7100092-IAD, cache-fra-eddf8230065-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer Fj16Ow2SKtUvODJW 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_metadata v3--pfizeruccom--pfizer_head 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970
last-modified: Fri, 21 Jun 2024 13:43:29 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.242668,VS0,VE95
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: max-age=7200, must-revalidate
cf-ray: 8a7e40366ba4a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 17, 0

GET
H2 200 icon-ext-link-desktop.svg
www.pfizeruc.com/assets/icons/ 672 B
3 KB 183ms
179ms Image
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pfizeruc.com/assets/icons/icon-ext-link-desktop.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/default.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98a8dc66d7e8254d5e9da7f3564969f91c654b7cb08e5a601f5d97e9f8cd2074

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/default.css
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 406
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100047-IAD, cache-iad-kjyo7100047-IAD, cache-fra-eddf8230154-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 xg8pmdWUR7HotFb7
last-modified: Tue, 25 Jun 2024 11:11:19 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.293803,VS0,VE94
etag: "2b46c9b886a52ad5d9d1fc6cc44ed064"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4036cc39a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 2, 0

GET
H2 200 play-icon-hover.svg
www.pfizeruc.com/assets/icons/ 302 B
3 KB 166ms
163ms Image
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pfizeruc.com/assets/icons/play-icon-hover.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/sections/two-column-video.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5032a163bf82d2a3e1ab35c625b2df429dbe7b3000d185d1b6292fad4cfb54f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/sections/two-column-video.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 237
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100149-IAD, cache-iad-kjyo7100149-IAD, cache-fra-eddf8230120-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 4SKjP9ODKw5xYa67
last-modified: Tue, 25 Jun 2024 11:11:19 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.296089,VS0,VE5
etag: "0bdf5d7d08fa2c55cc09f1de0b47be84"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4036cc3aa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 2, 0

GET
H2 200 icon-arrow-hover.svg
www.pfizeruc.com/assets/icons/ 387 B
3 KB 164ms
162ms Image
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pfizeruc.com/assets/icons/icon-arrow-hover.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/sections/card-carousel.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d0c471e4a5275a5877f14edb0f4fdb67d8bcdaaf888f326581e292dca3b539e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/sections/card-carousel.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 273
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200093-IAD, cache-iad-kcgs7200093-IAD, cache-fra-eddf8230137-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 jjHv4fTaSyjo76ua
last-modified: Tue, 25 Jun 2024 11:11:19 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.295043,VS0,VE4
etag: "62a8b3842233953cc2e5c3c5ed2a06c8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4036cc3ea5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 2, 0

GET
H2 200 pfizer-tomorrow-regular.woff2
www.pfizeruc.com/lib/fonts/ 29 KB
32 KB 151ms
148ms Font
font/woff2 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/fonts/pfizer-tomorrow-regular.woff2

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f8b6d72cf37a3cfd1d13079d707736647d7eb26cca1b295d4b766aa3e3f8122

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/styles/fonts.css
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 29504
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000178-IAD, cache-iad-kiad7000178-IAD, cache-fra-eddf8230084-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code QG0qt7nWoYpHCrDK
last-modified: Thu, 18 Jul 2024 18:27:49 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.351672,VS0,VE2
etag: "966632e38f01a86ae0077b97163139fe"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4036dc5aa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 18, 0

GET
H2 200 pfizer-diatype-medium.woff2
www.pfizeruc.com/lib/fonts/ 53 KB
56 KB 151ms
149ms Font
font/woff2 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/fonts/pfizer-diatype-medium.woff2

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de05e7860bac80f0b4bf46c6ac3e1793dd425e397e0944e2fc5abb2fd90aaf3f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/styles/fonts.css
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 54369
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000029-IAD, cache-iad-kiad7000029-IAD, cache-fra-eddf8230109-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code p2DdtSMV2g5RL_O5
last-modified: Thu, 18 Jul 2024 18:27:49 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.352451,VS0,VE3
etag: "bdcb27084c18ec674092ab6c66762a14"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4036dc5ba5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 491, 0

GET
H2 200 pfizer-tomorrow-bold.woff2
www.pfizeruc.com/lib/fonts/ 29 KB
32 KB 184ms
183ms Font
font/woff2 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/fonts/pfizer-tomorrow-bold.woff2

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1bd1d23d51b8ce498b5e69be277148909f669b51dd13848f5f1f80e10d8dc38

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/styles/fonts.css
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 29736
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000153-IAD, cache-iad-kiad7000153-IAD, cache-fra-eddf8230041-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code lEjDE8hgwOW7kYyB
last-modified: Thu, 18 Jul 2024 18:27:49 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.372760,VS0,VE4
etag: "197e3e32eb78a1135a941f29806ab937"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4036dc5da5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 19, 0

GET
H2 200 pfizer-diatype-heavy.woff2
www.pfizeruc.com/lib/fonts/ 62 KB
65 KB 152ms
150ms Font
font/woff2 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/fonts/pfizer-diatype-heavy.woff2

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b0bea3c69a4d04a5fdcf314415de1832b3069be91d829c884c65147cdcb2a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/styles/fonts.css
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 63278
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000178-IAD, cache-iad-kiad7000178-IAD, cache-fra-eddf8230132-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code YX_f3x2pR3RiZ1wW
last-modified: Thu, 18 Jul 2024 18:27:49 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721561673.887099,VS0,VE4
etag: "6853aa6d60f83ce4b61c0b804ad0511f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4036dc5fa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 24, 0

GET
H2 200 media_147816fdf7bd6a053ef5e2cd27bb0f657daaa7613.png
www.pfizeruc.com/ 1 KB
2 KB 171ms
169ms Image
image/webp 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pfizeruc.com/media_147816fdf7bd6a053ef5e2cd27bb0f657daaa7613.png?width=750&format=webply&optimize=medium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bf10b6ee51d6a02cf34b509212d63957646d6227855dbfd6b359742fdfbaa4e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by: vpop-kiad7010230
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=2539 idim=220x220 ifmt=png ofsz=1402 odim=220x220 ofmt=webp
fastly-stats: io=1
content-length: 1402
cdn-cache-control: max-age=2592000, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000146-IAD, cache-iad-kiad7000146-IAD, cache-fra-eddf8230070-FRA
referrer-policy: same-origin
surrogate-key: main--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_media 8wPHDFHGUd_z0Aul
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.303363,VS0,VE94
etag: "X45xbJrkeJ/OhHvNnE/JJMh6zRQxH691lzWtVqarQ7s"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4036dc57a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 3, 0

GET
H2 200 media_1e4475cb549329aaea8fcb687946766ea44311c04.png
www.pfizeruc.com/ 4 KB
5 KB 185ms
184ms Image
image/webp 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pfizeruc.com/media_1e4475cb549329aaea8fcb687946766ea44311c04.png?width=750&format=webply&optimize=medium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5266f1c6f8df0b73d47fc240fc92898750c0dfd414c7e54f6aa48dff1d3510e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by: vpop-kiad7010246
x-cache: HIT, HIT, HIT
fastly-io-info: ifsz=5305 idim=204x204 ifmt=png ofsz=3980 odim=204x204 ofmt=webp
fastly-stats: io=1
content-length: 3980
cdn-cache-control: max-age=2592000, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000119-IAD, cache-iad-kiad7000119-IAD, cache-fra-eddf8230051-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer main--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_media 4qORVyJKL2rx1Xhd
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764766.500667,VS0,VE93
etag: "x+wez6MyWzbRKZSXBwU3XjWWaYDYqPGXk686Lvk7drQ"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40380dfba5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 10, 0

GET
H2 200 media_1fd4b3d2f1a186ffdbc94710bedb3eea7268ebaff.png
www.pfizeruc.com/ 2 KB
3 KB 252ms
250ms Image
image/webp 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pfizeruc.com/media_1fd4b3d2f1a186ffdbc94710bedb3eea7268ebaff.png?width=750&format=webply&optimize=medium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e1423946620711e8cae21096cae3a40ecd9f1279a0a849830a6706f73fbf5a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by: vpop-kiad7010247
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=3492 idim=220x220 ifmt=png ofsz=2432 odim=220x220 ofmt=webp
fastly-stats: io=1
content-length: 2432
cdn-cache-control: max-age=2592000, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kjyo7100114-IAD, cache-fra-eddf8230159-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer main--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_media uy76tDYF5MlGuc8u
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764766.622041,VS0,VE90
etag: "EMprZsVCgoEnVe+aD2MbO86l9u3ICXl4L+7pR6kuTes"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40385e50a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 55, 0

GET
H2 200 media_1f31285a649a35c8da1bf2a0b46558f267a377743.png
www.pfizeruc.com/ 3 KB
4 KB 75ms
74ms Image
image/webp 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pfizeruc.com/media_1f31285a649a35c8da1bf2a0b46558f267a377743.png?width=750&format=webply&optimize=medium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

156c6260be2bf4538a75f30a2416f5e2f7b09ade8e6b08d88e58991a43f81d00

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by: vpop-kiad7010215
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=3910 idim=194x197 ifmt=png ofsz=2926 odim=194x197 ofmt=webp
fastly-stats: io=1
content-length: 2926
cdn-cache-control: max-age=2592000, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200077-IAD, cache-iad-kcgs7200077-IAD, cache-fra-eddf8230157-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer main--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_media XllA0FqZEbV85Pya
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764766.552672,VS0,VE3
etag: "mUuabKMUQb0AaR94SETaiyxF8vP+7YCiyLiyiGFjpY4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40387e7da5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 43, 0

GET
H2 200 media_17f8b980378560ea620fb11469840500a1cc2d3c3.jpeg
www.pfizeruc.com/ 7 KB
7 KB 105ms
101ms Image
image/webp 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pfizeruc.com/media_17f8b980378560ea620fb11469840500a1cc2d3c3.jpeg?width=750&format=webply&optimize=medium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82513d1b68bdc029a8e84ce0c009e226bbe2ac8b6c8ac69c5dd6332a475e9f19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by: vpop-kiad7010230
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=41564 idim=365x646 ifmt=jpeg ofsz=6992 odim=365x646 ofmt=webp
fastly-stats: io=1
content-length: 6992
cdn-cache-control: max-age=2592000, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100174-IAD, cache-iad-kjyo7100084-IAD, cache-fra-eddf8230138-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer main--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_media Pw0wm_1kP7vRERKS
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764766.653995,VS0,VE9
etag: "U8aI5tjYu7Fl08vG0kahiWH3lbTu9h92Nwq1rKiF1L0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4038ff07a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 132, 0

GET
H2 200 icon-twitter.svg Show response
www.pfizeruc.com/assets/icons/ 885 B
3 KB 303ms
301ms Fetch
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/icon-twitter.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/common-decorators.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a8333bc4513f485d1b073c4470bd12049fc91714e505ce313cf690d49c87f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 475
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200059-IAD, cache-iad-kjyo7100025-IAD, cache-fra-eddf8230057-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer f21a346a1022bdd4278bf0afc243cbab72d613c8cae1fa5cd7f11249d5e c1Uarw0zwdcmgdAL
last-modified: Fri, 31 May 2024 09:25:01 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764766.581492,VS0,VE99
etag: "cadac020ee23fbc8cd130228a8be9232"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4037ddb6a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 182, 0

GET
H2 200 icon-facebook.svg Show response
www.pfizeruc.com/assets/icons/ 646 B
3 KB 176ms
174ms Fetch
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/icon-facebook.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/common-decorators.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d86b1985151597ca80be05da70449437e56958c3c43eba162d283565c160f28

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 393
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200093-IAD, cache-iad-kcgs7200093-IAD, cache-fra-eddf8230133-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 FWEzjHyTICUAZSau
last-modified: Tue, 25 Jun 2024 11:11:19 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.457861,VS0,VE91
etag: "06a640d8a2381973f35852324860cc52"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4037ddb8a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 2, 0

GET
H2 200 icon-linkedin.svg Show response
www.pfizeruc.com/assets/icons/ 1 KB
4 KB 77ms
75ms Fetch
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/icon-linkedin.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/common-decorators.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6776094654ab5df28ef6ee16b95ca5749791688d813b510c78a4a773c2d3bf2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 544
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100046-IAD, cache-iad-kjyo7100046-IAD, cache-fra-eddf8230036-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 K13WOqEUhMkCJpWa
last-modified: Tue, 25 Jun 2024 11:11:19 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721397214.441660,VS0,VE3
etag: "a43d1ad3700cc7f0caf480541da11037"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4037ddb9a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 16, 0

GET
H2 200 icon-instagram.svg Show response
www.pfizeruc.com/assets/icons/ 3 KB
5 KB 98ms
96ms Fetch
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/icon-instagram.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/common-decorators.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

117bb71b760a71c946714afa5635c916f3f40610d06e0b743de23a79b483986b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 1494
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100083-IAD, cache-iad-kjyo7100083-IAD, cache-fra-eddf8230121-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 bF5qpdispbXHy9xw
last-modified: Tue, 25 Jun 2024 11:11:19 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.468031,VS0,VE3
etag: "21f2f8bc3028bb4e24cbe39bd19319e7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4037ddbaa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 15, 0

GET
H2 200 icon-youtube.svg Show response
www.pfizeruc.com/assets/icons/ 1 KB
4 KB 178ms
176ms Fetch
image/svg+xml 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/icon-youtube.svg

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/common-decorators.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a5f712a0a7eec7ee0851706589cb1d8880241316315434b09db4aba4de5be3e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
content-length: 630
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200080-IAD, cache-iad-kcgs7200080-IAD, cache-fra-eddf8230057-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 qZEUtvfKzyOraIqU
last-modified: Tue, 25 Jun 2024 11:11:19 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.465889,VS0,VE91
etag: "796bcce6fd5fb7d1563ba6553bef6377"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4037ddbba5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 3, 0

GET
H2 200 smart-capture.js Show response
www.pfizeruc.com/lib/scripts/ 1 KB
4 KB 120ms
118ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/smart-capture.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/core-utilities.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4386854c86323d4320404638bda37b391163b9cbc04b2ece6b0cb7b874fcab9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/core-utilities.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 589
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200099-IAD, cache-iad-kcgs7200099-IAD, cache-fra-eddf8230096-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code BUSULmtpRtEeDIaQ
last-modified: Thu, 18 Jul 2024 18:27:56 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764766.809462,VS0,VE3
etag: "2264cb9fdb7c1a7f235c4ee2aafbe99e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4039c826a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 24, 0

GET
H2 200 lazy-styles.css
www.pfizeruc.com/styles/ 126 B
459 B 139ms
139ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/lazy-styles.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa03471f01a424dfc896e2d8ffa177876a9ecdb56003612b349281db566065f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 99
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000037-IAD, cache-iad-kiad7000037-IAD, cache-fra-eddf8230111-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code Bo7H0kbWZ5Lhw3Tk
last-modified: Fri, 12 Jul 2024 13:05:44 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764766.993692,VS0,VE4
etag: "7691342262f68beb44469fe739097f63"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e403ad976a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 8, 0

GET
H2

200

media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico
www.pfizeruc.com/assets/icons/
Redirect Chain

https://www.pfizeruc.com/favicon.ico
https://www.pfizeruc.com/assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico

15 KB
3 KB

87ms
81ms

Other
image/vnd.microsoft.icon

2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico

Protocol

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

003b48783206eb62d337684db5c0f092f8a90fffd3554d5d3705f291bf9ab895

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
cdn-cache-control: max-age=2592000, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100110-IAD, cache-iad-kiad7000069-IAD, cache-fra-eddf8230156-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer main--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_media Ib9pmqmYb8dHBhV4
last-modified: Wed, 19 Jun 2024 11:07:25 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721561674.770039,VS0,VE93
etag: W/"943456f5190dd2659dd0d176a60658bd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
cache-control: max-age=2592000, must-revalidate
cf-ray: 8a7e403baa8ea5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 101, 0

Redirect headers

date: Tue, 23 Jul 2024 19:59:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: HIT, HIT, HIT
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100028-IAD, cache-iad-kjyo7100028-IAD, cache-fra-eddf8230062-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970 bOqXA7bKZovpxY5x
x-franklin-ref: v3
server: cloudflare
x-timer: S1721740000.779578,VS0,VE4
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: /assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico
cache-control: max-age=7200, must-revalidate
cf-ray: 8a7e403b09eba5f6-FRA
x-edison-type: Adobe
retry-after: 0
x-cache-hits: 0, 72, 0

GET
H2 200 lazy-styles.css
www.pfizeruc.com/lib/styles/ 22 B
535 B 105ms
104ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/styles/lazy-styles.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/lazy-styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2074c5a21a5fbfd34a34de13ee52d92ef62bcdfb0dce2d7dc10859314974c033

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/lazy-styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 42
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100161-IAD, cache-iad-kjyo7100161-IAD, cache-fra-eddf8230146-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code iMuKVRL_PaJqmNRL
last-modified: Thu, 18 Jul 2024 18:27:57 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721397215.134892,VS0,VE1
etag: "5b9cbcfd009ee301991706c7c645dd0b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e403bba9fa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 21, 0

GET
H2 200 footer.css
www.pfizeruc.com/styles/sections/ 4 KB
1 KB 212ms
212ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/sections/footer.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/lazy-styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60cbcc193a715c5360390eedca26437c061db81d02d6e7bd300cdefbcccd8f6d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/lazy-styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 920
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100049-IAD, cache-iad-kjyo7100049-IAD, cache-fra-eddf8230130-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code 2eZlva0_iTcGuR7K
last-modified: Wed, 03 Jul 2024 15:59:52 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764766.116410,VS0,VE95
etag: "166dced59a9048819d9faf20179826f6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e403bbaa2a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 3, 0

GET
H2 200 scroll-nav.css
www.pfizeruc.com/styles/sections/ 1 KB
866 B 237ms
237ms Stylesheet
text/css 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/styles/sections/scroll-nav.css

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/styles/lazy-styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6745a0b0c9a5fcbe8e38b826a5b84641ae339e8de31406c45295134371e189d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/styles/lazy-styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 504
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200073-IAD, cache-iad-kcgs7200073-IAD, cache-fra-eddf8230141-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code ai_IzQe0mX5pAhMr
last-modified: Thu, 27 Jun 2024 10:02:34 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764766.136847,VS0,VE94
etag: "93be530a8ab61d03e7e15cf89bf4dbf3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e403bbaa4a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 69, 0

GET
H2 200 index.min.js Show response
players.brightcove.net/1852113022001/SM6Flwe5l_default/ 1021 KB
287 KB 1326ms
1073ms Script
application/javascript 23.213.165.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/1852113022001/SM6Flwe5l_default/index.min.js
Requested by: Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-94.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: beb153e5cdf3a0d669dc62db7998370b6d58130893a8894705552cd51522487f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2HCHuZX7HN6HfpZOi2OCK1Z99MdqJU5g
content-encoding: gzip
date: Tue, 23 Jul 2024 19:59:29 GMT
x-amz-request-id: 875SVQKYJYN8VENX
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-length: 293701
x-amz-id-2: yfWSJ7LmcgMYQhEsZb9kh4Irq8HnpRCx+i4WqwMsBnORcDWC4EJULsedle7J2SrzhP0Xu33d4scoFa5QB4G/h9wAL62vVLcNHNO5szw5UmY=
x-bcov-response-mode: 1
x-served-by: cache-fra-etou8220064-FRA
last-modified: Tue, 04 Jun 2024 21:06:22 GMT
server: AmazonS3
x-timer: S1717567919.007132,VS0,VE726
etag: "0c5e4187c68f04ecc16f4a550d71aa99"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 delayed.js Show response
www.pfizeruc.com/lib/scripts/ 678 B
3 KB 132ms
130ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/delayed.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/scripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faefa2545d5888dcb5e8778f2e89dfdcf4505784a8d43fd908c66ed4e7e714b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/scripts.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 357
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200048-IAD, cache-iad-kcgs7200048-IAD, cache-fra-eddf8230125-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code 4meE_Fv00TCOj6_e
last-modified: Thu, 18 Jul 2024 18:27:55 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764769.976037,VS0,VE3
etag: "59e8ddf338499766b86ae71395b3c632"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e404d989ca5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 9, 0

GET
H2 200 delayed.js Show response
www.pfizeruc.com/scripts/ 726 B
3 KB 175ms
173ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/scripts/delayed.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/scripts/scripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8982f0ff4ff9084993876df142302a90cf542efe2c5b05d676e83799f00eaa4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/scripts/scripts.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 392
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200170-IAD, cache-iad-kcgs7200170-IAD, cache-fra-eddf8230130-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code G_zapILk0YPkOQkW
last-modified: Fri, 12 Jul 2024 13:05:43 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721397218.961262,VS0,VE3
etag: "f360c072455ca0245bf4b120ec255a07"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e404d98a3a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 141, 0

GET
H2 200 adobe-launch.js Show response
www.pfizeruc.com/lib/scripts/ 940 B
4 KB 126ms
123ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/adobe-launch.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57c0e9f1b498be04594dcbd8f5a50378d8e9150b1a4b3f5f392d200ba2437fc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/delayed.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 412
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000061-IAD, cache-iad-kiad7000061-IAD, cache-fra-eddf8230096-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code iZd89pf_UTfVpcab
last-modified: Thu, 18 Jul 2024 18:27:54 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764769.116622,VS0,VE2
etag: "fbb7ed53118ecc755dddb5026811ef1f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e404e79ada5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 16, 0

GET
H2 200 index.js Show response
www.pfizeruc.com/lib/scripts/analytics/ 1 KB
4 KB 142ms
140ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/analytics/index.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec406fcb627646370d5dbc20527de851e28e0bab93e66dbe5d82c095b7974f5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/delayed.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 500
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100085-IAD, cache-iad-kjyo7100085-IAD, cache-fra-eddf8230084-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code a_gy0cetR8X74HQK
last-modified: Thu, 18 Jul 2024 18:27:54 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764769.135208,VS0,VE2
etag: "1f517bb4e2c448af1dfb30f1f7ec36e5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e404e79afa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 16, 0

GET
H2 200 delay-analytics.js Show response
www.pfizeruc.com/scripts/ 2 KB
4 KB 131ms
131ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/scripts/delay-analytics.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcab73383e4c5150c20c8df3c6978c26bf56e11df26587ca374c55bbdbf80273

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/scripts/delayed.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: HIT, HIT, HIT
x-franklin-template: pfizerforcom (main)
content-length: 717
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000140-IAD, cache-iad-kiad7000140-IAD, cache-fra-eddf8230124-FRA
referrer-policy: same-origin
surrogate-key: main--pfizerforcom--pfizer main--pfizerforcom--pfizer_code 7jAa_NoiU16xIrqm
last-modified: Fri, 12 Jul 2024 13:05:43 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764769.164561,VS0,VE5
etag: "26bb226e7e35cbd794b97ea3b23a21f1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e404eb9fba5f6-FRA
x-edison-type: Adobe
x-cache-hits: 1, 30, 0

GET
H2 200 tag-manager.js Show response
www.pfizeruc.com/lib/scripts/ 426 B
3 KB 113ms
113ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/tag-manager.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c494522dbacc3ebe700830b0663fc539d9faede84cbe1c4bc03203746ea0379b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/adobe-launch.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 234
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200064-IAD, cache-iad-kcgs7200064-IAD, cache-fra-eddf8230028-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code Xneie9KWxIgwv4QF
last-modified: Thu, 18 Jul 2024 18:27:56 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721397218.470498,VS0,VE2
etag: "39514638c66eb01052469024ec3d5f3d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e404f3a7fa5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 14, 1

GET
H2 200 helpers.js Show response
www.pfizeruc.com/lib/scripts/ 4 KB
4 KB 124ms
124ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/helpers.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3c9c91c7b4727cc88d645fe1ec648f955d2ad67ae47d748b732bfa5fbe726c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/analytics/index.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 1275
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200117-IAD, cache-iad-kcgs7200117-IAD, cache-fra-eddf8230021-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code 7xky6HZbEhGZW9oc
last-modified: Thu, 18 Jul 2024 18:27:55 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764769.258501,VS0,VE3
etag: "4899651fcdaeeef7a9600f7b2f20dcc9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e404f5a96a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 13, 0

GET
H2 200 placeholders.json Show response
www.pfizeruc.com/ 4 KB
1 KB 109ms
109ms Fetch
application/json 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/placeholders.json

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/lib-franklin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

638e29e8b6ad979efff374288df0236f5f308825a94424dc0eda934f81af8230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
referrer-policy: same-origin
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-encoding: br
x-content-type-options: nosniff
x-franklin-ref: v3
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
cf-ray: 8a7e40501b76a5f6-FRA
x-edison-type: Adobe
x-xss-protection: 1; mode=block

GET
H2 200 analytics-worker.js Show response
www.pfizeruc.com/lib/scripts/analytics/legacy/ 2 KB
4 KB 136ms
135ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/analytics/legacy/analytics-worker.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/lib/scripts/analytics/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c4c8392842fc3c219ad333cbe866bf85357ee5c750ffc484ed92bd862127c8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/analytics/index.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 713
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000087-IAD, cache-iad-kiad7000087-IAD, cache-fra-eddf8230156-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code 81682lTZwKzHEmSl
last-modified: Thu, 18 Jul 2024 18:27:54 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764770.511295,VS0,VE4
etag: "35424656c9f5b8c944fdd0dbabbdc42f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4050dc37a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 14, 0

GET
H2 200 analytics.js Show response
www.pfizeruc.com/lib/scripts/analytics/ 4 KB
5 KB 132ms
132ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/analytics/analytics.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c947368367e26ee028da8329301afd63647a7b17bda2582d95f3f454df9a3a19

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/analytics/legacy/analytics-worker.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 1506
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200047-IAD, cache-iad-kcgs7200047-IAD, cache-fra-eddf8230032-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code cH0Nt7SztioWtsC8
last-modified: Thu, 18 Jul 2024 18:27:54 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721397219.054444,VS0,VE1
etag: "f0690e68b8ec60011b756aad3645bbc7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4051ad00a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 15, 1

GET
H2 200 analytics-inteface.js Show response
www.pfizeruc.com/lib/scripts/analytics/ 559 B
3 KB 114ms
113ms Script
text/javascript 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pfizeruc.com/lib/scripts/analytics/analytics-inteface.js

Requested by

Host: www.pfizeruc.com
URL: https://www.pfizeruc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b39d81065cb59702c9a59b7d3ea2d3779380488f882ea5b72c5d6d81a1a9d876

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/lib/scripts/analytics/analytics.js
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache: MISS, HIT, HIT
x-franklin-lib: libraryfranklinpfizer - main (release32)
content-length: 235
cdn-cache-control: max-age=172800, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200027-IAD, cache-iad-kcgs7200027-IAD, cache-fra-eddf8230044-FRA
referrer-policy: same-origin
surrogate-key: release32--libraryfranklinpfizer--pfizer release32--libraryfranklinpfizer--pfizer_code sArzuCCmTv6T_DpV
last-modified: Thu, 18 Jul 2024 18:27:54 GMT
x-franklin-ref: v3
server: cloudflare
x-timer: S1721397219.188304,VS0,VE2
etag: "4f8fee63e825469ea58dfeb026080105"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40528de5a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 16, 0

GET data-layer
www.pfizeruc.com/ 0
0

OPTIONS
H2 200 6355417021112
edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/ 0
0 136ms
35ms Preflight 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/6355417021112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.pfizeruc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 23 Jul 2024 19:59:30 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220042-FRA
x-timer: S1721764770.028164,VS0,VE0

OPTIONS
H2 200 6355449049112
edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/ 0
0 114ms
35ms Preflight 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/6355449049112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.pfizeruc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 23 Jul 2024 19:59:30 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220042-FRA
x-timer: S1721764770.028127,VS0,VE0

GET
H2 200 media_17be65d7922b223002ce377a32820953e2b59491e.jpeg
www.pfizeruc.com/ 31 KB
0 1ms
1ms Image
image/webp 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pfizeruc.com/media_17be65d7922b223002ce377a32820953e2b59491e.jpeg?width=2000&format=webply&optimize=medium

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/1852113022001/SM6Flwe5l_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b32a45faa06e34d6e2ea8cc1686979d10abd2e05b8b2831911fc1a3c548d50d3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by: vpop-kiad7010211
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=111688 idim=1440x900 ifmt=jpeg ofsz=31562 odim=1440x900 ofmt=webp
fastly-stats: io=1
content-length: 31562
cdn-cache-control: max-age=2592000, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100172-IAD, cache-iad-kjyo7100172-IAD, cache-fra-eddf8230060-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer main--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_media LwcaRtR3sTEzxbh0
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764765.562672,VS0,VE338
etag: "NF10iscP8ziqo5mOJVlR4jsWI2EdVL5d8Ogb1t9nrcw"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e40323ebda5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 56, 0

GET 6355417021112
edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/ 0
0

GET
H2 200 media_17f8b980378560ea620fb11469840500a1cc2d3c3.jpeg
www.pfizeruc.com/ 7 KB
7 KB 82ms
81ms Image
image/webp 2606:4700::6812:dc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pfizeruc.com/media_17f8b980378560ea620fb11469840500a1cc2d3c3.jpeg?width=2000&format=webply&optimize=medium

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/1852113022001/SM6Flwe5l_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82513d1b68bdc029a8e84ce0c009e226bbe2ac8b6c8ac69c5dd6332a475e9f19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pfizeruc.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 19:59:29 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by: vpop-kiad7010230
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=41564 idim=365x646 ifmt=jpeg ofsz=6992 odim=365x646 ofmt=webp
fastly-stats: io=1
content-length: 6992
cdn-cache-control: max-age=2592000, must-revalidate
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100147-IAD, cache-iad-kjyo7100147-IAD, cache-fra-eddf8230120-FRA
referrer-policy: same-origin
surrogate-key: v3--pfizeruccom--pfizer main--pfizeruccom--pfizer 1096205cb5cb659908fb766ce024afd077e4214c36f5a90c3dc06898970_media Pw0wm_1kP7vRERKS
x-franklin-ref: v3
server: cloudflare
x-timer: S1721764770.963071,VS0,VE2
etag: "U8aI5tjYu7Fl08vG0kahiWH3lbTu9h92Nwq1rKiF1L0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 8a7e4053f822a5f6-FRA
x-edison-type: Adobe
x-cache-hits: 0, 157, 0

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a412c7eb119cddad46e615ee14664076ece9df0d2eee6b6c9067f7bf053e7c42

Request headers

Referer
Origin: https://www.pfizeruc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET 6355449049112
edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/ 0
0

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 105ms
41ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Tue, 23 Jul 2024 19:59:30 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 103ms
39ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Tue, 23 Jul 2024 19:59:30 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 105ms
41ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Tue, 23 Jul 2024 19:59:30 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
295 B 102ms
38ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Tue, 23 Jul 2024 19:59:30 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 80ms
38ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=81e245b9534542e13ca9a7db&player_mode=media&account=1852113022001&destination=https%3A%2F%2Fwww.pfizeruc.com%2F&platform_version=7.21.0&player=players.brightcove.com%2F1852113022001%2FSM6Flwe5l_default&player_name=Pfizer%20%7C%20LetsOutdoCancer%20%7C%20Standard%20controls%2C%20sharing%2C%20no%20custom&source=&autoplay=true&ads_enabled=false&usage=thumbnails!2.0.1&usage=inpage-embed&event=player_load&time=1721764769948&qos.events.content.volumechange=1721764769943&qos.performance.memory.jsHeapSizeLimit=4294705152&qos.performance.memory.usedJSHeapSize=7027290&qos.performance.memory.totalJSHeapSize=10131834&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1721764764707&qos.performance.timing.loadEventStart=1721764764707&qos.performance.timing.domComplete=1721764764707&qos.performance.timing.domContentLoadedEventEnd=1721764764379&qos.performance.timing.domContentLoadedEventStart=1721764764379&qos.performance.timing.domInteractive=1721764763276&qos.performance.timing.domLoading=1721764763252&qos.performance.timing.responseEnd=1721764763228&qos.performance.timing.responseStart=1721764763224&qos.performance.timing.requestStart=1721764762984&qos.performance.timing.secureConnectionStart=0&qos.performance.timing.connectEnd=1721764762913&qos.performance.timing.connectStart=1721764762913&qos.performance.timing.domainLookupEnd=1721764762913&qos.performance.timing.domainLookupStart=1721764762913&qos.performance.timing.fetchStart=1721764762913&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1721764762005&qos.player.dimensions=%5B%5B1721764769948%2C%220x0%22%2C%221600x1200%22%5D%5D&qos.player.pixelratio=%5B%5B1721764769948%2C1%5D%5D&qos.player.screendimensions=%5B%5B1721764769948%2C%221600x1200%22%5D%5D&seq=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Tue, 23 Jul 2024 19:59:30 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 71ms
41ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=a403f7974bbdc3a5cd49fe45&player_mode=media&account=1852113022001&destination=https%3A%2F%2Fwww.pfizeruc.com%2F&platform_version=7.21.0&player=players.brightcove.com%2F1852113022001%2FSM6Flwe5l_default&player_name=Pfizer%20%7C%20LetsOutdoCancer%20%7C%20Standard%20controls%2C%20sharing%2C%20no%20custom&source=&autoplay=false&ads_enabled=false&usage=thumbnails!2.0.1&usage=inpage-embed&event=player_load&time=1721764769961&qos.performance.memory.jsHeapSizeLimit=4294705152&qos.performance.memory.usedJSHeapSize=7027290&qos.performance.memory.totalJSHeapSize=10131834&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1721764764707&qos.performance.timing.loadEventStart=1721764764707&qos.performance.timing.domComplete=1721764764707&qos.performance.timing.domContentLoadedEventEnd=1721764764379&qos.performance.timing.domContentLoadedEventStart=1721764764379&qos.performance.timing.domInteractive=1721764763276&qos.performance.timing.domLoading=1721764763252&qos.performance.timing.responseEnd=1721764763228&qos.performance.timing.responseStart=1721764763224&qos.performance.timing.requestStart=1721764762984&qos.performance.timing.secureConnectionStart=0&qos.performance.timing.connectEnd=1721764762913&qos.performance.timing.connectStart=1721764762913&qos.performance.timing.domainLookupEnd=1721764762913&qos.performance.timing.domainLookupStart=1721764762913&qos.performance.timing.fetchStart=1721764762913&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1721764762005&qos.performance.bcInit=52&qos.player.dimensions=%5B%5B1721764769961%2C%220x0%22%2C%22706x706%22%5D%5D&qos.player.pixelratio=%5B%5B1721764769961%2C1%5D%5D&qos.player.screendimensions=%5B%5B1721764769961%2C%221600x1200%22%5D%5D&seq=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Tue, 23 Jul 2024 19:59:30 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 47ms
39ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Tue, 23 Jul 2024 19:59:30 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 37ms
36ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Tue, 23 Jul 2024 19:59:30 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 38ms
38ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Tue, 23 Jul 2024 19:59:30 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 37ms
37ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Tue, 23 Jul 2024 19:59:30 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.pfizeruc.com
URL: https://www.pfizeruc.com/data-layer

Domain: edge.api.brightcove.com
URL: https://edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/6355417021112

Domain: edge.api.brightcove.com
URL: https://edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/6355449049112

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pfizeruc.com/	1970-01-20 22:16:06	Name: __cf_bm Value: HTRnqab5tIU3y5AG.E1749S8xzN9yTlhXjYLiEwqfbM-1721764763-1.0.1.1-6Oj4UHLG3dE92EEdjAOJqzPw9ikIykNL5TF2Ks3UFuMeaO1F0u_vvqMHqf1gQAzDx4OxGdnUlSfk71ln.QucyA
			.pfizeruc.com/	1969-12-31 23:59:59	Name: _cfuvid Value: c08QbQmKiEQczLicWLJNpv0MlJ.11StPzIChDPCdPs8-1721764763209-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cloudfront.net/js/hapyak.js .digitalpfizer.com .dotomi.com .force.com .franklin.edison.pfizer .hotjar.com .salesforce-sites.com .salesforce.com .salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' .brightcove.com .brightcove.net .brightcovecdn.com .contentsquare.net .demdex.net .digitalpfizer.com .doctor.com .force.com .franklin.edison.pfizer .hapyak.com .hlx.reviews/admin/ .hotjar.com .hotjar.io .salesforce-sites.com .web.pfizer .worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' .media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' .hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' .doctor.com .fls.doubleclick.net .force.com .hapyak-hosted.com .hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

edge.api.brightcove.com
metrics.brightcove.com
pfizeruc.com
players.brightcove.net
www.pfizeruc.com
edge.api.brightcove.com
www.pfizeruc.com
151.101.66.27
23.213.165.94
2606:4700::6812:dc1
35.244.232.184
003b48783206eb62d337684db5c0f092f8a90fffd3554d5d3705f291bf9ab895
02c3f6d848949b31ba78a8976a0105aef781eff6e14a293171248df11895096d
02d5c81b1dfaadd508f038a89472f13bdb0de462a8ac05c52d89c343fc9909f1
07b8cdcb68c2e3ad79d01abd6c0ecf3e1925500a744d9c41f7bb6357b6e3a5f8
0aa03471f01a424dfc896e2d8ffa177876a9ecdb56003612b349281db566065f
0f90ed2dbba947925557114c44e7674fda88b8294f07992678b7bb5bddd2ce4f
117bb71b760a71c946714afa5635c916f3f40610d06e0b743de23a79b483986b
1329ef4aee6f8b8eb0eecba2cc18a1b79de0fb309065a8a621117466ad023f33
156c6260be2bf4538a75f30a2416f5e2f7b09ade8e6b08d88e58991a43f81d00
1bf10b6ee51d6a02cf34b509212d63957646d6227855dbfd6b359742fdfbaa4e
1f756d371d8ed40df540d4b4528685bae6d446e4f6bc729a17557f646ea65492
2074c5a21a5fbfd34a34de13ee52d92ef62bcdfb0dce2d7dc10859314974c033
2d0c471e4a5275a5877f14edb0f4fdb67d8bcdaaf888f326581e292dca3b539e
364b5f4ba17bf921c32b7cd8152ef885a3f0fbc252a8cd8030b6843a85cff711
38abb83622779025211784145df6b5e69de6b60717af8c4efc51e157e9770aa7
3cd9b5b34b1aebcaa925a1a696536a9c11cde772a0353cffcc0e4e4124ad71dc
3d2d4455c5f8e1e35386d24161232ca5e6ddd76898f3edb27cdd55ebf923cee6
3d86b1985151597ca80be05da70449437e56958c3c43eba162d283565c160f28
3f86ed12103e4c27375c9c414f932bb6dcd5cf19803cee306e20d863e52cd5f9
4386854c86323d4320404638bda37b391163b9cbc04b2ece6b0cb7b874fcab9b
5172677afd790a2c2e93bc417503bd5c0db701f07a05f4df3df3ff5241951513
5266f1c6f8df0b73d47fc240fc92898750c0dfd414c7e54f6aa48dff1d3510e7
57c0e9f1b498be04594dcbd8f5a50378d8e9150b1a4b3f5f392d200ba2437fc5
5b43245f931a70af544c57cb6f2d58a15cf4bfb2f526bb19486957490c59a707
5c4c8392842fc3c219ad333cbe866bf85357ee5c750ffc484ed92bd862127c8f
60cbcc193a715c5360390eedca26437c061db81d02d6e7bd300cdefbcccd8f6d
6166c5801726215a38fe3ce626c384cb939b95c9e21b105bffa091eb1f04a142
638e29e8b6ad979efff374288df0236f5f308825a94424dc0eda934f81af8230
6480b348fa865571101323ad22649d98234e5e2381a0dd16761c5b1355f1a93b
6709692c4ea946588a97676608eb110c363010c6e9a2932bc7ed9d0a543d7589
6745a0b0c9a5fcbe8e38b826a5b84641ae339e8de31406c45295134371e189d8
6900c99ea3ec778bc57fa65bd922c0791941221994eac4125f344511b9bc8ffe
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e1423946620711e8cae21096cae3a40ecd9f1279a0a849830a6706f73fbf5a4
70b0bea3c69a4d04a5fdcf314415de1832b3069be91d829c884c65147cdcb2a5
75126b074f7deca05db04acced3f1160dc6c6904f8bb6dd61779646aec5aef2d
76d8cc582264646863f88c9376523958d16972506b5b662634145bbbce1d905d
772d58a3a5fac3f7ae868ca03ce0ba821d5257565d90205b2f98fd3ae9e14b8a
7c1df9b4fcae1d358445b436758f248e34a418ca86094ad60742c37fada98c0f
7fe2e4cea59bf4863a0e098c3b83bbef9781186dabb69f701cbab437c5b18039
80ad82ea9386119a630e121fa0779791211a2a39aa188ab1e9d8578bfada4116
82513d1b68bdc029a8e84ce0c009e226bbe2ac8b6c8ac69c5dd6332a475e9f19
8982f0ff4ff9084993876df142302a90cf542efe2c5b05d676e83799f00eaa4b
8a5f712a0a7eec7ee0851706589cb1d8880241316315434b09db4aba4de5be3e
8f9f6b50759d6d5e72a4e0d7fee5ac53e00d08cf3dfa638df19fb305688d5bc7
98a8dc66d7e8254d5e9da7f3564969f91c654b7cb08e5a601f5d97e9f8cd2074
9f8b6d72cf37a3cfd1d13079d707736647d7eb26cca1b295d4b766aa3e3f8122
a0d75e41c3718eecfda17d190a47b2db8a602a0b3c9c61fcb58485824cca06e2
a1bd1d23d51b8ce498b5e69be277148909f669b51dd13848f5f1f80e10d8dc38
a412c7eb119cddad46e615ee14664076ece9df0d2eee6b6c9067f7bf053e7c42
a61ea7898eb87ff5864b9c409fe40a3bdc45f802d88a8efa5ee2f489da23da97
a641b60226c712abfb6cd9f2cf28668470b99ae699b663aeebf6dc1cc94a7c49
a690c72577af8f1e5adf201260f3b81cfe56a6c689969ba31e506c8083acb610
b0dc15049c55861741a1740c1e1a520c2bab3d0c36c9aeb45c19bfd7c92eb64b
b32a45faa06e34d6e2ea8cc1686979d10abd2e05b8b2831911fc1a3c548d50d3
b39d81065cb59702c9a59b7d3ea2d3779380488f882ea5b72c5d6d81a1a9d876
b57ac5438f00cc908d3c3f3eaaa127754a10cedddb3709b244957e4415486989
ba9779120d0e2a82750f83845a5f3ed3dd65bfce9f052c2eb3c5d9651ad06d99
beb153e5cdf3a0d669dc62db7998370b6d58130893a8894705552cd51522487f
c38463411c20bead3f10b45d444cafa650e5c9fbb33c9597a823bd83e1716fed
c3c9c91c7b4727cc88d645fe1ec648f955d2ad67ae47d748b732bfa5fbe726c8
c485d438c10d91c6f8623feee914bbc5b1f295c31523de0a1bfd28350ae53c11
c494522dbacc3ebe700830b0663fc539d9faede84cbe1c4bc03203746ea0379b
c4cf27671ef365f8b8262254c1bc9c36a51ca9fde52f35793a963a9f3716d9fe
c8a8333bc4513f485d1b073c4470bd12049fc91714e505ce313cf690d49c87f7
c947368367e26ee028da8329301afd63647a7b17bda2582d95f3f454df9a3a19
cb5428e9b33c0075eaacd0792f24ef74879cf3cc3d32bf017e530e2465607489
cc074846ce272904261e8fe6628efd33e6e58e81d4f29df37a06fbc4d52e045d
d4aa3133fa918126152fec139e17e39c86bb7bd7b99d5ec9d20f66498f7a60e4
d564ea261d5f2a623a87658882885287da9b882119707bd66f000e121ae76294
d6776094654ab5df28ef6ee16b95ca5749791688d813b510c78a4a773c2d3bf2
d6e79d65e7ea7691e79664a5e7b37d886e605ee00041651b7084d71d8758af81
d7d4196ae87fe1ce2d341058507a1c71bbc8872d8a315a85b7fb88c2642b2b5e
de05e7860bac80f0b4bf46c6ac3e1793dd425e397e0944e2fc5abb2fd90aaf3f
e03487f3dc75a286c440bf80fbabe8f7f497b29d76aa03bdaa781b3d74bacbac
e1a8e077f917b9c7afd2cc36e33071812a88df8cc8fa6aa62e6209cac6fe4c14
e3f479bbd9d938c09c19e7be949568fc470530ec89b1e2a3edf5a17250d0a595
e5032a163bf82d2a3e1ab35c625b2df429dbe7b3000d185d1b6292fad4cfb54f
eb429bf5d7df0bc7d017604e192fd799469db198cca557bf1dc84cbeb1a6ef71
ec406fcb627646370d5dbc20527de851e28e0bab93e66dbe5d82c095b7974f5d
efb6b86d0451b5564486a0cfdcb045a092575b4a976f0aabd2ffea9f60f5c5a6
f120319b019869dd8cf37b34ec855839b27d290e8c089cf21448a37619c90712
f6b7a4aef99a268e2d2af4849897122fc023ca158a92dedb62e4e0c41fc726e1
f9069084818f64468423cb9aa777f460424d0db5406034b2cbf039c08d785f1c
fa74356a5c6924460c94e3442b767842e4465d97e4a6d5afb62c8163b7d4c5a4
faefa2545d5888dcb5e8778f2e89dfdcf4505784a8d43fd908c66ed4e7e714b9
fb805864e715facdb9053e64f1d3d1494ce9a0783189769ee9785d7cc221a4e5
fcab73383e4c5150c20c8df3c6978c26bf56e11df26587ca374c55bbdbf80273

www.pfizeruc.com Open in urlscan Pro 2606:4700::6812:dc1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

105 Requests

96 %HTTPS

25 %IPv6

3 Domains

5 Subdomains

5 IPs

2 Countries

848 kBTransfer

1706 kBSize

2 Cookies

11 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pfizeruc.com Open in urlscan Pro
2606:4700::6812:dc1 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

96 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

848 kB
Transfer

1706 kB
Size

2
Cookies

105 HTTP transactions
1 data transactions