urlscan.io logo urlscan.io
SecurityTrails logo

www.pfizerforall.com Open in urlscan Pro
2606:4700:4400::6812:2396  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pfizerforall.com/
Effective URL: https://www.pfizerforall.com/
Submission: On October 17 via api from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 102 HTTP transactions. The main IP is 2606:4700:4400::6812:2396, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pfizerforall.com. The Cisco Umbrella rank of the primary domain is 330370.
TLS certificate: Issued by WE1 on September 24th 2024. Valid for: 3 months.
This is the only time www.pfizerforall.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 89 2606:4700:440... 13335 (CLOUDFLAR...)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 143.204.215.7 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 3 34.248.127.197 16509 (AMAZON-02)
1 35.241.19.70 15169 (GOOGLE)
1 52.31.110.142 16509 (AMAZON-02)
2 63.140.62.17 16509 (AMAZON-02)
1 1 52.18.168.199 16509 (AMAZON-02)
102 9
89    2606:4700:4400::6812:2396 (United States)

ASN13335 (CLOUDFLARENET, US)
pfizerforall.com
www.pfizerforall.com
6    2a02:26f0:3500:58c::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    143.204.215.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-7.fra53.r.cloudfront.net
analytics.digitalpfizer.com
2    2606:4700:4400::6812:23d6 (United States)

ASN13335 (CLOUDFLARENET, US)
ms-forms-service-production.digitalpfizer.com
3    34.248.127.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-127-197.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    35.241.19.70 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 70.19.241.35.bc.googleusercontent.com
sync.graph.bluecava.com
1    52.31.110.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-110-142.eu-west-1.compute.amazonaws.com
pfizer.demdex.net
2    63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net
smetrics.pfizerforall.com
1    52.18.168.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-168-199.eu-west-1.compute.amazonaws.com
cm.everesttech.net
Apex Domain
Subdomains		 Transfer
91 pfizerforall.com
pfizerforall.com — Cisco Umbrella Rank: 326916
www.pfizerforall.com — Cisco Umbrella Rank: 330370
smetrics.pfizerforall.com
618 KB
6 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 430
28 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 243
pfizer.demdex.net — Cisco Umbrella Rank: 195939
2 KB
3 digitalpfizer.com
analytics.digitalpfizer.com — Cisco Umbrella Rank: 115446
ms-forms-service-production.digitalpfizer.com — Cisco Umbrella Rank: 336212
94 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1371
490 B
1 bluecava.com
sync.graph.bluecava.com — Cisco Umbrella Rank: 2450
247 B
102 6
Domain Requested by
88 www.pfizerforall.com 2 redirects www.pfizerforall.com
6 assets.adobedtm.com www.pfizerforall.com
assets.adobedtm.com
3 dpm.demdex.net 1 redirects
2 smetrics.pfizerforall.com analytics.digitalpfizer.com
2 ms-forms-service-production.digitalpfizer.com www.pfizerforall.com
1 cm.everesttech.net 1 redirects
1 pfizer.demdex.net analytics.digitalpfizer.com
1 sync.graph.bluecava.com
1 analytics.digitalpfizer.com www.pfizerforall.com
1 pfizerforall.com 1 redirects
102 10

This site contains links to these domains. Also see Links.

Domain
www.vaxassist.com
www.nurtec.com
www.paxlovid.com
www.pfizer.com
Subject Issuer Validity Valid
pfizerforall.com
WE1		 2024-09-24 -
2024-12-23		 3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-09 -
2025-08-09		 a year crt.sh
analytics.digitalpfizer.com
Amazon RSA 2048 M02		 2024-05-19 -
2025-06-17		 a year crt.sh
ms-forms-service-production.digitalpfizer.com
WE1		 2024-09-30 -
2024-12-29		 3 months crt.sh
sync.graph.bluecava.com
WR3		 2024-10-14 -
2025-01-12		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-25 -
2025-10-26		 a year crt.sh
smetrics.pfizerforall.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-27 -
2025-09-27		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.pfizerforall.com/
Frame ID: CAF7AF564BE9C1BD6C021A55C4F81744
Requests: 100 HTTP requests in this frame

Frame: https://pfizer.demdex.net/dest5.html?d_nsid=0
Frame ID: 4AF8E49BB1EC3CDEDFCDF7884270A65A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PfizerForAllâ„¢ | Official Site

Page URL History Show full URLs

  1. https://pfizerforall.com/ HTTP 301
    https://www.pfizerforall.com/ Page URL

Page Statistics

102
Requests

95 %
HTTPS

33 %
IPv6

6
Domains

10
Subdomains

9
IPs

3
Countries

741 kB
Transfer

1577 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pfizerforall.com/ HTTP 301
    https://www.pfizerforall.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://www.pfizerforall.com/favicon.ico HTTP 301
  • https://www.pfizerforall.com/assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico
Request Chain 85
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=2FE3252C54CC13CC0A4C98A7%40AdobeOrg&d_nsid=0&ts=1729170251327 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=2FE3252C54CC13CC0A4C98A7%40AdobeOrg&d_nsid=0&ts=1729170251327
Request Chain 89
  • https://cm.everesttech.net/cm/dd?d_uuid=25986008421778260014023634626869974069 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxELSwAAALTjrgNn
Request Chain 92
  • https://www.pfizerforall.com/favicon.ico HTTP 301
  • https://www.pfizerforall.com/assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico

102 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.pfizerforall.com/
Redirect Chain
  • https://pfizerforall.com/
  • https://www.pfizerforall.com/
11 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354928e6ad631a70e15819cb6202d1a733a30c0fb27faf9dcc10990589c27cf3
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.doubleclick.net *.evidon.com *.force.com *.franklin.edison.pfizer *.google.com *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.redditstatic.com *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page analytics.tiktok.com api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org collection.decibelinsight.net conversions-config.reddit.com det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com mboxedge34.tt.omtrdc.net pagead2.googlesyndication.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net pfizer.tt.omtrdc.net pixel-config.reddit.com resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ smetrics.pfizerforall.com tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.facebook.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.redditstatic.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ analytics.tiktok.com api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.decibelinsight.net cdn.di-capt.com cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page embed.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ sdc-ibfw-portal.pfizer.com t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.redditstatic.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com global.acs.prismaaccess.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
cf-cache-status
HIT
cf-ray
8d407e2abe53d2d3-FRA
content-encoding
br
content-security-policy
connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.doubleclick.net *.evidon.com *.force.com *.franklin.edison.pfizer *.google.com *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.redditstatic.com *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page analytics.tiktok.com api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org collection.decibelinsight.net conversions-config.reddit.com det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com mboxedge34.tt.omtrdc.net pagead2.googlesyndication.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net pfizer.tt.omtrdc.net pixel-config.reddit.com resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ smetrics.pfizerforall.com tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.facebook.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.redditstatic.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ analytics.tiktok.com api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.decibelinsight.net cdn.di-capt.com cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page embed.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ sdc-ibfw-portal.pfizer.com t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.redditstatic.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com global.acs.prismaaccess.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-type
text/html; charset=utf-8
date
Thu, 17 Oct 2024 13:04:09 GMT
last-modified
Mon, 30 Sep 2024 13:38:23 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
surrogate-key
v280--pfizerforallcomus--pfizer EyZqVsC1h0CpLeUS 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8_metadata v280--pfizerforallcomus--pfizer_head 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8
vary
Accept-Encoding,X-Forwarded-Host
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, HIT
x-cache-hits
0, 3, 0
x-content-type-options
nosniff
x-edison-type
Adobe
x-frame-options
SAMEORIGIN
x-franklin-ref
v280
x-served-by
cache-iad-kiad7000080-IAD, cache-iad-kiad7000080-IAD, cache-fra-eddf8230124-FRA
x-timer
S1728546991.040002,VS0,VE2
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=3600
cf-ray
8d407e281e57d2d3-FRA
content-length
167
content-type
text/html
date
Thu, 17 Oct 2024 13:04:09 GMT
expires
Thu, 17 Oct 2024 14:04:08 GMT
location
https://www.pfizerforall.com/
server
cloudflare
vary
Accept-Encoding
scripts.js
www.pfizerforall.com/scripts/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/scripts/scripts.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4eb6cf0bbe627690ca359e51733d94aa5d8b8b286351f223faf80cae5305f10
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"6206819d0340916c5f0368f91cd5f0db"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code eSyU5OaBckjQAMxr
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:09 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 30 Sep 2024 08:41:06 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100157-IAD, cache-iad-kjyo7100157-IAD, cache-fra-eddf8230071-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727938538.780089,VS0,VE2
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2c0a74d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2153
x-xss-protection
1; mode=block
server
cloudflare
styles.css
www.pfizerforall.com/styles/ 		303 B
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/styles/styles.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4b760964fe5ffd42fc96cf43fbea136ec0c51911df1f907dac32530dee00c03
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"c3c5fd1b442fe770ec19681a126f139e"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code 9XPQT80S-7dqn8um
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:09 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 24 Jul 2024 21:41:31 GMT
vary
Accept-Encoding
x-cache-hits
0, 4, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100057-IAD, cache-iad-kjyo7100057-IAD, cache-fra-eddf8230128-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937929.118168,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2c0a6cd2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
149
x-xss-protection
1; mode=block
server
cloudflare
overlay.js
www.pfizerforall.com/scripts/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/scripts/overlay.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e57ac9a6ff3d0824fe70d1b5164940b86c774f688518fa0eb9b752ceef35872
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/scripts.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"5d8b8e2b08b81325d777043bd4e789ff"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code a7FmxKE0Xhh8rSdu
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:09 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 23 Sep 2024 10:56:39 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200144-IAD, cache-iad-kcgs7200144-IAD, cache-fra-eddf8230107-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937929.489536,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2d1db3d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1485
x-xss-protection
1; mode=block
server
cloudflare
scripts.js
www.pfizerforall.com/lib/scripts/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/scripts.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2103e1dea3313151226fb557de2d8dfdd02cc8211139c1b3a162eb5575aceef4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/scripts.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"0ab110b53a03b48db1d3087345449564"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code X6ntZNtp0JyCDg0d
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:09 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 25 Jul 2024 18:59:59 GMT
vary
Accept-Encoding
x-cache-hits
0, 51, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100174-IAD, cache-iad-kjyo7100174-IAD, cache-fra-eddf8230102-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.549582,VS0,VE91
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2d1db7d2d3-FRA
accept-ranges
bytes
content-length
4029
x-xss-protection
1; mode=block
server
cloudflare
analytics-tracking.js
www.pfizerforall.com/scripts/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/scripts/analytics-tracking.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cdb8c06fe4ac45d3ff22f07f844f2532ae85420da387b63b49a25f71ba557ee
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/scripts.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"21cf0fae0b55041e1007a9397bb08138"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code 03bLy2jXmMN1JXbs
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:09 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 14:24:29 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100101-IAD, cache-iad-kjyo7100101-IAD, cache-fra-eddf8230075-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937929.324824,VS0,VE91
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2d1db9d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6642
x-xss-protection
1; mode=block
server
cloudflare
tokens.css
www.pfizerforall.com/lib/styles/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/styles/tokens.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/styles/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80c159f96b8e00d3b0a2730d71e31eb905d94354e94bfb0199f10e565d7de8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/styles/styles.css

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"3b547c1f2cd74a721783e1ea211a24bc"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code Y5nQjqw8j7h-qq2W
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:09 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 14 Aug 2024 19:43:49 GMT
vary
Accept-Encoding
x-cache-hits
0, 10, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000156-IAD, cache-iad-kiad7000156-IAD, cache-fra-eddf8230104-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.536194,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2d2df5d2d3-FRA
accept-ranges
bytes
content-length
1307
x-xss-protection
1; mode=block
server
cloudflare
styles.css
www.pfizerforall.com/lib/styles/ 		45 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/styles/styles.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/styles/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc325f8cdeb9ba233226feca3535666455a8ec3410f72f97c0bc9a6ceb0823b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/styles/styles.css

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"e5f56d48de2d350cff88ed797ffb5210"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code OmUdu6hImwXu0nvJ
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:09 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 14 Aug 2024 19:43:49 GMT
vary
Accept-Encoding
x-cache-hits
0, 12, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000102-IAD, cache-iad-kiad7000102-IAD, cache-fra-eddf8230095-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.544928,VS0,VE2
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2d2df8d2d3-FRA
accept-ranges
bytes
content-length
7080
x-xss-protection
1; mode=block
server
cloudflare
tokens.css
www.pfizerforall.com/styles/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/styles/tokens.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/styles/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcf8f68021b5c38ed802dbbe87e4bdd55e0d35e1ea2b912e5ac7b79421663a83
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/styles/styles.css

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"02a079e1e37d99841e2d667e60264150"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code zZThVHb34Wp3NjLD
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 17 Sep 2024 14:13:11 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100170-IAD, cache-iad-kjyo7100170-IAD, cache-bma1643-BMA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937930.569481,VS0,VE103
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2d2df9d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1325
x-xss-protection
1; mode=block
server
cloudflare
default.css
www.pfizerforall.com/styles/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/styles/default.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/styles/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50f25128babd9aceb48ca425c8a247195867d2eb22aefbfb460b3303ccb18101
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/styles/styles.css

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"310f2a602c854207f711b5caf6d190e6"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code MRgMoo3Tvus0tYkn
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:09 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 24 Sep 2024 09:12:39 GMT
vary
Accept-Encoding
x-cache-hits
0, 4, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100069-IAD, cache-iad-kjyo7100069-IAD, cache-fra-eddf8230122-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937929.464930,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2d2dfbd2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2696
x-xss-protection
1; mode=block
server
cloudflare
banner-bg.css
www.pfizerforall.com/styles/sections/ 		30 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/styles/sections/banner-bg.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/styles/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a8a38a93f3a5e8b44a2281ebae98e3ec9ceb855d6519684ec608d1688a7654
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/styles/styles.css

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"45ef554c0f3d2611b8cb7789622d9ef1"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code 5oGc9WKBu0hRIZn3
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:09 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 02 Oct 2024 12:11:39 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000150-IAD, cache-iad-kiad7000150-IAD, cache-fra-eddf8230124-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937930.670167,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2d2dfed2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4321
x-xss-protection
1; mode=block
server
cloudflare
lib-franklin.js
www.pfizerforall.com/lib/scripts/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d843badb9fe947366c8ce9b8506f92df92ff8d5c44673c4b0af12b2562cab338
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/overlay.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"38de9291b6345df6815a3ca27b9504d4"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code 4QOpWf3PFxDsxR3n
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 25 Jul 2024 20:33:50 GMT
vary
Accept-Encoding
x-cache-hits
0, 36, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100174-IAD, cache-iad-kjyo7100174-IAD, cache-bma1627-BMA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.655487,VS0,VE2
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2e087ed2d3-FRA
accept-ranges
bytes
content-length
6872
x-xss-protection
1; mode=block
server
cloudflare
ext-links.js
www.pfizerforall.com/lib/scripts/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/ext-links.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d5c81b1dfaadd508f038a89472f13bdb0de462a8ac05c52d89c343fc9909f1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/overlay.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"9865ce7022e46a08feafd6ddad8d0cbf"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code L7IrXmGfCNzZSWll
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 14 May 2024 13:10:31 GMT
vary
Accept-Encoding
x-cache-hits
0, 15, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200158-IAD, cache-iad-kcgs7200158-IAD, cache-fra-eddf8230126-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727773155.139712,VS0,VE1
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2e0883d2d3-FRA
accept-ranges
bytes
content-length
1111
x-xss-protection
1; mode=block
server
cloudflare
lang-helpers.js
www.pfizerforall.com/lib/scripts/ 		743 B
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/lang-helpers.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
772d58a3a5fac3f7ae868ca03ce0ba821d5257565d90205b2f98fd3ae9e14b8a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/overlay.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"c144af1e87b9595882d4aaf5b6846042"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code rhREjqBi3zgBvMDH
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 15 May 2024 16:27:03 GMT
vary
Accept-Encoding
x-cache-hits
0, 21, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100128-IAD, cache-iad-kjyo7100128-IAD, cache-fra-eddf8230139-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1729111673.496654,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2e0885d2d3-FRA
accept-ranges
bytes
content-length
342
x-xss-protection
1; mode=block
server
cloudflare
analytics.js
www.pfizerforall.com/lib/scripts/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/analytics.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe2e4cea59bf4863a0e098c3b83bbef9781186dabb69f701cbab437c5b18039
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/analytics-tracking.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"6d948575bbd2186e68cf82025f7463cc"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code FTtkgzpXfP41bEMo
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 07 Jun 2024 13:26:01 GMT
vary
Accept-Encoding
x-cache-hits
0, 16, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100025-IAD, cache-iad-kjyo7100025-IAD, cache-fra-eddf8230082-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.561713,VS0,VE3
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2e18add2d3-FRA
accept-ranges
bytes
content-length
1580
x-xss-protection
1; mode=block
server
cloudflare
adobe-launch.js
www.pfizerforall.com/lib/scripts/ 		940 B
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/adobe-launch.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c0e9f1b498be04594dcbd8f5a50378d8e9150b1a4b3f5f392d200ba2437fc5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/analytics-tracking.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"fbb7ed53118ecc755dddb5026811ef1f"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code gNQmQ6LShfi3Zvko
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 26 Jun 2024 15:52:27 GMT
vary
Accept-Encoding
x-cache-hits
0, 25, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200179-IAD, cache-iad-kcgs7200179-IAD, cache-fra-eddf8230109-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.534098,VS0,VE2
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2e18b1d2d3-FRA
accept-ranges
bytes
content-length
412
x-xss-protection
1; mode=block
server
cloudflare
index.js
www.pfizerforall.com/lib/scripts/analytics/ 		1 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/analytics/index.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec406fcb627646370d5dbc20527de851e28e0bab93e66dbe5d82c095b7974f5d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/analytics-tracking.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"1f517bb4e2c448af1dfb30f1f7ec36e5"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code CshfVA10nqtqogfF
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 26 Jun 2024 15:52:27 GMT
vary
Accept-Encoding
x-cache-hits
0, 53, 47
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100081-IAD, cache-iad-kjyo7100081-IAD, cache-bma1677-BMA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.553867,VS0,VE1
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2e18b4d2d3-FRA
accept-ranges
bytes
content-length
500
x-xss-protection
1; mode=block
server
cloudflare
pfizer-utilities.js
www.pfizerforall.com/lib/scripts/ 		3 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/pfizer-utilities.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a690c72577af8f1e5adf201260f3b81cfe56a6c689969ba31e506c8083acb610
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/scripts.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"ce0d8a1ee948dbe2059228d4c489025f"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code 2VcF7eiOIzNvxblw
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 23 Feb 2024 17:02:46 GMT
vary
Accept-Encoding
x-cache-hits
0, 12, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200128-IAD, cache-iad-kcgs7200128-IAD, cache-fra-etou8220115-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728593894.426239,VS0,VE91
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2e4931d2d3-FRA
accept-ranges
bytes
content-length
1314
x-xss-protection
1; mode=block
server
cloudflare
core-utilities.js
www.pfizerforall.com/lib/scripts/ 		11 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/core-utilities.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a641b60226c712abfb6cd9f2cf28668470b99ae699b663aeebf6dc1cc94a7c49
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/scripts.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"b6442e43f63fa16fe077965f3d79d860"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code EC95KR_HkmelGytK
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 08 May 2024 18:35:45 GMT
vary
Accept-Encoding
x-cache-hits
0, 15, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200169-IAD, cache-iad-kcgs7200169-IAD, cache-fra-eddf8230031-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.799411,VS0,VE1
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2e493cd2d3-FRA
accept-ranges
bytes
content-length
3754
x-xss-protection
1; mode=block
server
cloudflare
env.js
www.pfizerforall.com/lib/ 		813 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/env.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
111012f922855b9a1e0402690d21eef8c990213c1d6fa2df6e6a66dd7f6a6c82
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/scripts.js

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-edison-type
Adobe
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-ray
8d407e2e4941d2d3-FRA
date
Thu, 17 Oct 2024 13:04:10 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
overlay.js
www.pfizerforall.com/lib/scripts/ 		3 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/overlay.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df5d1ad0e8d8e9fc311d8ba6dc9e163ca73411c0eb60db294628e31c58b4f7d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/scripts.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"8cee6410f42f5227680f0d1d14edf08a"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code upAkXWREmDU0pibx
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 20 Aug 2024 19:14:03 GMT
vary
Accept-Encoding
x-cache-hits
0, 27, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000142-IAD, cache-iad-kiad7000142-IAD, cache-bma1635-BMA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.847856,VS0,VE2
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2e4945d2d3-FRA
accept-ranges
bytes
content-length
1350
x-xss-protection
1; mode=block
server
cloudflare
common-decorators.js
www.pfizerforall.com/lib/scripts/ 		9 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/common-decorators.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb6b86d0451b5564486a0cfdcb045a092575b4a976f0aabd2ffea9f60f5c5a6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/lib-franklin.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"e5b08ef9dc8be78940566697a9a20335"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code yt-_F1lIWA6iqEEZ
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 29 Apr 2024 20:07:36 GMT
vary
Accept-Encoding
x-cache-hits
0, 34, 3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000036-IAD, cache-iad-kiad7000036-IAD, cache-bma1628-BMA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.825037,VS0,VE0
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2eeb68d2d3-FRA
accept-ranges
bytes
content-length
2994
x-xss-protection
1; mode=block
server
cloudflare
helpers.js
www.pfizerforall.com/lib/scripts/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/helpers.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c9c91c7b4727cc88d645fe1ec648f955d2ad67ae47d748b732bfa5fbe726c8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/analytics/index.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"4899651fcdaeeef7a9600f7b2f20dcc9"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code uIi94axRnA9ZXc9H
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 30 Nov 2023 13:05:54 GMT
vary
Accept-Encoding
x-cache-hits
0, 2, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000175-IAD, cache-iad-kiad7000175-IAD, cache-fra-eddf8230136-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.727741,VS0,VE2
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2f0bbdd2d3-FRA
accept-ranges
bytes
content-length
1275
x-xss-protection
1; mode=block
server
cloudflare
tag-manager.js
www.pfizerforall.com/lib/scripts/ 		426 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/tag-manager.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c494522dbacc3ebe700830b0663fc539d9faede84cbe1c4bc03203746ea0379b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/adobe-launch.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"39514638c66eb01052469024ec3d5f3d"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code p5QT-HIe16UNsOaK
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 26 Jun 2024 15:52:27 GMT
vary
Accept-Encoding
x-cache-hits
0, 21, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200178-IAD, cache-iad-kcgs7200178-IAD, cache-fra-eddf8230125-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727773155.334563,VS0,VE1
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2f0bc8d2d3-FRA
accept-ranges
bytes
content-length
234
x-xss-protection
1; mode=block
server
cloudflare
placeholders.json
www.pfizerforall.com/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/placeholders.json
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12db06acc0cdfd4bc10589d7154c3202da0902f75d47095ff075fea8cd3cf73f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-edison-type
Adobe
x-franklin-ref
v280
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-ray
8d407e2fee93d2d3-FRA
date
Thu, 17 Oct 2024 13:04:10 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico
www.pfizerforall.com/assets/icons/
Redirect Chain
  • https://www.pfizerforall.com/favicon.ico
  • https://www.pfizerforall.com/assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico
15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico
Protocol
H2
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
003b48783206eb62d337684db5c0f092f8a90fffd3554d5d3705f291bf9ab895
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
surrogate-key
main--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8_media tQ2kk_88pddGAE7B
cf-cache-status
HIT
etag
W/"943456f5190dd2659dd0d176a60658bd"
content-encoding
br
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 18 Jun 2024 15:14:08 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200143-IAD, cache-iad-kcgs7200143-IAD, cache-fra-eddf8230045-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=2592000, must-revalidate
cdn-cache-control
max-age=2592000, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.505473,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e30e9bfd2d3-FRA
x-xss-protection
1; mode=block
server
cloudflare

Redirect headers

x-franklin-ref
v280
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 U7Jh-a1U8SdPKM_e
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache
HIT, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200025-IAD, cache-iad-kcgs7200025-IAD, cache-bma1651-BMA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
location
/assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico
retry-after
0
cdn-cache-control
max-age=172800, must-revalidate
x-timer
S1729069530.014834,VS0,VE2
x-edison-type
Adobe
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2fee9dd2d3-FRA
x-xss-protection
1; mode=block
server
cloudflare
analytics-pagename.json
www.pfizerforall.com/global/ 		833 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/global/analytics-pagename.json
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/scripts/analytics-tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
621fbab5baf6954202030258e782944e334aa1a072b7c0b825f16da63caf8b9e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
surrogate-key
v280--pfizerforallcomus--pfizer gtYY_fGDSNi62jy7 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
application/json
last-modified
Wed, 11 Sep 2024 11:58:48 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000045-IAD, cache-iad-kiad7000045-IAD, cache-fra-eddf8230132-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547085.378394,VS0,VE88
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e3088bdd2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
303
x-xss-protection
1; mode=block
server
cloudflare
nav.plain.html
www.pfizerforall.com/global/ 		3 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/global/nav.plain.html
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/core-utilities.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44c80cce6be5ed5260ee60e2cbd99dd32196fd37946def676c6a602a3037856b
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.doubleclick.net *.evidon.com *.force.com *.franklin.edison.pfizer *.google.com *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.redditstatic.com *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page analytics.tiktok.com api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org collection.decibelinsight.net conversions-config.reddit.com det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com mboxedge34.tt.omtrdc.net pagead2.googlesyndication.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net pfizer.tt.omtrdc.net pixel-config.reddit.com resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ smetrics.pfizerforall.com tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.facebook.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.redditstatic.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ analytics.tiktok.com api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.decibelinsight.net cdn.di-capt.com cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page embed.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ sdc-ibfw-portal.pfizer.com t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.redditstatic.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com global.acs.prismaaccess.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
surrogate-key
v280--pfizerforallcomus--pfizer SXwANQ4UozdR_9RI 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8_metadata v280--pfizerforallcomus--pfizer_head 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 11 Sep 2024 11:27:43 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000124-IAD, cache-iad-kiad7000124-IAD, cache-fra-eddf8230068-FRA
content-security-policy
connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.doubleclick.net *.evidon.com *.force.com *.franklin.edison.pfizer *.google.com *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.redditstatic.com *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page analytics.tiktok.com api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org collection.decibelinsight.net conversions-config.reddit.com det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com mboxedge34.tt.omtrdc.net pagead2.googlesyndication.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net pfizer.tt.omtrdc.net pixel-config.reddit.com resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ smetrics.pfizerforall.com tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.facebook.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.redditstatic.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ analytics.tiktok.com api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.decibelinsight.net cdn.di-capt.com cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page embed.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ sdc-ibfw-portal.pfizer.com t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.redditstatic.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com global.acs.prismaaccess.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.598013,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e311a5cd2d3-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
placeholders.json
www.pfizerforall.com/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/placeholders.json
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12db06acc0cdfd4bc10589d7154c3202da0902f75d47095ff075fea8cd3cf73f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-edison-type
Adobe
x-franklin-ref
v280
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-ray
8d407e311a65d2d3-FRA
date
Thu, 17 Oct 2024 13:04:10 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
loadstylesheets.js
www.pfizerforall.com/scripts/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/scripts/loadstylesheets.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86ed5e9a7cde440093e6ff1d3667096b5515c3c80c0ea56844e760ebc5029e9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/scripts.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"0654ae137d3613e4615d54935f4ecc32"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code nXTW2qmALO6_ihUK
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 10 Sep 2024 19:10:09 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100036-IAD, cache-iad-kjyo7100036-IAD, cache-bma1626-BMA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.570530,VS0,VE104
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e311a69d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
469
x-xss-protection
1; mode=block
server
cloudflare
fonts.css
www.pfizerforall.com/styles/ 		720 B
772 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/styles/fonts.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a6606b5cc28b2e224902191d2a9354adde557ea0d4e95446f360f7cffcf9e85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"32c2d4c1e4da64d433a0e2594facfb6c"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code CqGKdzAbHJI71x1l
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 18 Sep 2024 13:32:05 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200080-IAD, cache-iad-kcgs7200080-IAD, cache-fra-eddf8230034-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.549844,VS0,VE88
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e311a6ed2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
211
x-xss-protection
1; mode=block
server
cloudflare
external-link-allowlist.json
www.pfizerforall.com/global/popups/ 		179 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/global/popups/external-link-allowlist.json
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/pfizer-utilities.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87aa72e508452c32a33cebb50465993412ee17616695928cf3c7b0f79d91681c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
surrogate-key
v280--pfizerforallcomus--pfizer 970oIZuUSRF4FxrU 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
application/json
last-modified
Mon, 09 Sep 2024 14:54:16 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000042-IAD, cache-iad-kiad7000042-IAD, cache-fra-eddf8230089-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.587599,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e311a70d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
127
x-xss-protection
1; mode=block
server
cloudflare
coughing-white.svg
www.pfizerforall.com/assets/icons/ 		964 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/coughing-white.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5990aacddb433d2f33f837fadcd6daa7b2103ee4b14c5a2c1052839bc4c97ff3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"405c931379aed3b18a80bd3fc2c3a848"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 Wqr4sFxfx2tEVXUT
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/svg+xml
last-modified
Fri, 23 Aug 2024 09:37:09 GMT
vary
Accept-Encoding
x-cache-hits
0, 1, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100024-IAD, cache-iad-kjyo7100024-IAD, cache-fra-eddf8230088-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.590343,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e312a8bd2d3-FRA
accept-ranges
bytes
content-length
455
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
right-circle-arrow.svg
www.pfizerforall.com/assets/icons/ 		741 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/right-circle-arrow.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f7accc3686e1b0c033ef07b7625e48a86e2b8758f093ccf3b078b7c4a6689d9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"5ec058ce58e54b803fcfcbda723c223f"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 rgbrk4ZYzKzTJLdd
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/svg+xml
last-modified
Thu, 11 Jul 2024 23:15:01 GMT
vary
Accept-Encoding
x-cache-hits
0, 2, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200170-IAD, cache-iad-kcgs7200170-IAD, cache-fra-eddf8230108-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728588694.732563,VS0,VE4
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e312a8cd2d3-FRA
accept-ranges
bytes
content-length
391
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
migraine-white.svg
www.pfizerforall.com/assets/icons/ 		872 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/migraine-white.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85195ea9e6abc960e5a8429c546229d263b53237b8ee756a9d712459db0de06
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"290e662b11fbbbd7ec82760235ee10da"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 UA9Nhq3657AltjWl
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/svg+xml
last-modified
Fri, 23 Aug 2024 09:37:28 GMT
vary
Accept-Encoding
x-cache-hits
0, 1, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100164-IAD, cache-iad-kjyo7100164-IAD, cache-fra-eddf8230107-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.602451,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e312a8ed2d3-FRA
accept-ranges
bytes
content-length
500
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
bandage.svg
www.pfizerforall.com/assets/icons/ 		3 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/bandage.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e723c835006e69ef524890a80338f7c2cfb503c9aeb49d65db0f648d5bbd8cd3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"936ece8319af5e35cae51a9bd8d3cd01"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 yqEA_8XQ3941FUi6
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/svg+xml
last-modified
Fri, 23 Aug 2024 06:40:46 GMT
vary
Accept-Encoding
x-cache-hits
0, 1, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000061-IAD, cache-iad-kiad7000061-IAD, cache-fra-eddf8230106-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.600670,VS0,VE91
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e312a91d2d3-FRA
accept-ranges
bytes
content-length
1165
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
prescription-medication-bottle-white.svg
www.pfizerforall.com/assets/icons/ 		648 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/prescription-medication-bottle-white.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32895c2688e7b007eb89c0a25a074a13c09fd911068c556407ee50b188a7a0ce
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"c183c7d42eea74889a141ddf531d09f4"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 zAdaObC0V-wEm9ML
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/svg+xml
last-modified
Fri, 23 Aug 2024 09:31:38 GMT
vary
Accept-Encoding
x-cache-hits
0, 2, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100020-IAD, cache-iad-kjyo7100020-IAD, cache-vie6360-VIE
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.651278,VS0,VE102
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e312a96d2d3-FRA
accept-ranges
bytes
content-length
355
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
unionsubmit-icon.svg
www.pfizerforall.com/assets/icons/ 		559 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/unionsubmit-icon.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d359a3c211bb10fe3e41a1c16d110a6431e42bf243ad5e2d7c76b8e1bdc54386
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"7406e492469973f7c9f2c0dc5e2a7664"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 vOxR5HJnY5UrWyC6
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/svg+xml
last-modified
Tue, 23 Jul 2024 20:13:28 GMT
vary
Accept-Encoding
x-cache-hits
0, 2, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200174-IAD, cache-iad-kcgs7200174-IAD, cache-fra-eddf8230137-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.600499,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e312a97d2d3-FRA
accept-ranges
bytes
content-length
345
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
icon-arrow-circle.svg
www.pfizerforall.com/assets/icons/ 		591 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/icon-arrow-circle.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7560f76ff53991b9d4ad0d75762f1af86ad36d319e2b02d75297576a11d65c0b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"3af32e6cb2e064bf9b14c0ae589377d6"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 vLFPRusKDn_C9XYO
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/svg+xml
last-modified
Mon, 01 Jul 2024 00:48:54 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100063-IAD, cache-iad-kjyo7100063-IAD, cache-fra-eddf8230038-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.610014,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e312a9bd2d3-FRA
accept-ranges
bytes
content-length
353
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
lottie.css
www.pfizerforall.com/blocks/lottie/ 		799 B
873 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/lottie/lottie.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82369f4c6d017464bb690c075cb3a36b00064b877a41e70bd9d48b9cc468da12
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"44ec9edea342b0a638492c2b963479ea"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code ZOYqB0QHOfPCoDEI
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 30 Aug 2024 18:32:36 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200082-IAD, cache-iad-kcgs7200082-IAD, cache-fra-eddf8230145-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.573380,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e312a9ed2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
320
x-xss-protection
1; mode=block
server
cloudflare
lottie.js
www.pfizerforall.com/blocks/lottie/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/lottie/lottie.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1edf3ad2e376595102271ab2fa7488267107b032d436b636e3049b79865c395
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/lib-franklin.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"94015e9b1c3bd34afcf02abb3ef3acbb"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code u1uO1f6QSjJ_NE7c
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 13:48:37 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100169-IAD, cache-iad-kjyo7100169-IAD, cache-fra-eddf8230022-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.566994,VS0,VE88
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e312aa1d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
830
x-xss-protection
1; mode=block
server
cloudflare
quiz-overlay.js
www.pfizerforall.com/scripts/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/scripts/quiz-overlay.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/scripts/loadstylesheets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550f00851cefc14ed06a6d1d38e567149330b18e4d4eab91501e89e4b6f6e7fb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/loadstylesheets.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"3e5d96ccea8459eae751f4faf83813b4"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code e2o7l5CiujeD3-_6
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 06 Sep 2024 22:20:55 GMT
vary
Accept-Encoding
x-cache-hits
0, 8, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kcgs7200092-IAD, cache-fra-eddf8230134-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727938539.780030,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e318bf9d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1394
x-xss-protection
1; mode=block
server
cloudflare
two-cards-block.css
www.pfizerforall.com/styles/sections/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/styles/sections/two-cards-block.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3096f0b1a39a9112c33129afcb3782856871d3c99c734b5ade0f94b1085a2edb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"ced24d27a71d7b0f3949047a4cc05e53"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code dTlVbSlm5IeTfBl-
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 19 Sep 2024 18:04:12 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100039-IAD, cache-iad-kjyo7100039-IAD, cache-fra-eddf8230025-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.819265,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e318bf1d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1152
x-xss-protection
1; mode=block
server
cloudflare
vaccines-colums.css
www.pfizerforall.com/styles/sections/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/styles/sections/vaccines-colums.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4678bd109864b10bf2f908339e62ecc5598165dc0a23e7d9edb7c12d3d928282
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"00939c94751e92713ee984ecc319a353"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code VUYHnttu-ttBJ1nd
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 18 Sep 2024 09:44:00 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000036-IAD, cache-iad-kiad7000036-IAD, cache-fra-eddf8230069-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.797658,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e318bf7d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
927
x-xss-protection
1; mode=block
server
cloudflare
PfizerDiatype-Regular.woff2
www.pfizerforall.com/assets/fonts/ 		48 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/fonts/PfizerDiatype-Regular.woff2
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/styles/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbc8302498077001d6b68303dafc7e84d52e1dfbb1c7d6e606d816abf3e86978
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/styles/fonts.css

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"14e354b7d406d2ec12edd0da2ebb5064"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code tvoq8PglzdKA1wgl
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
font/woff2
last-modified
Wed, 18 Sep 2024 02:21:30 GMT
vary
Accept-Encoding
x-cache-hits
0, 1, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000164-IAD, cache-iad-kjyo7100029-IAD, cache-fra-eddf8230147-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.751035,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e31dcf5d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
49432
x-xss-protection
1; mode=block
server
cloudflare
lottie.min.js
www.pfizerforall.com/scripts/ 		298 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/scripts/lottie.min.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0757321f974527bda3cc2593bf56cc7ffe4578421249ced6ae49ffb1c529f90
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/blocks/lottie/lottie.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"8466be3a2553ab0eab3286400dc8e336"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code 77Fsysr1blNGZtpH
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 26 Aug 2024 16:10:02 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200143-IAD, cache-iad-kcgs7200143-IAD, cache-fra-eddf8230052-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1729162395.716696,VS0,VE2
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e31dcf7d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
76759
x-xss-protection
1; mode=block
server
cloudflare
analytics-worker.js
www.pfizerforall.com/lib/scripts/analytics/legacy/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/analytics/legacy/analytics-worker.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/analytics/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4c8392842fc3c219ad333cbe866bf85357ee5c750ffc484ed92bd862127c8f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/analytics/index.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"35424656c9f5b8c944fdd0dbabbdc42f"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code u5PtMMQjHQSzj0EG
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 26 Jun 2024 15:52:27 GMT
vary
Accept-Encoding
x-cache-hits
0, 2, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000153-IAD, cache-iad-kiad7000153-IAD, cache-fra-eddf8230149-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.333536,VS0,VE1
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e31ed2dd2d3-FRA
accept-ranges
bytes
content-length
713
x-xss-protection
1; mode=block
server
cloudflare
analytics.js
www.pfizerforall.com/lib/scripts/analytics/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/analytics/analytics.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c947368367e26ee028da8329301afd63647a7b17bda2582d95f3f454df9a3a19
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/analytics/legacy/analytics-worker.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"f0690e68b8ec60011b756aad3645bbc7"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code Oc8OYT8E_ZU9bWoi
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 26 Jun 2024 15:52:27 GMT
vary
Accept-Encoding
x-cache-hits
0, 35, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200047-IAD, cache-iad-kcgs7200047-IAD, cache-bma1673-BMA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196799.455887,VS0,VE5
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e324e77d2d3-FRA
accept-ranges
bytes
content-length
1506
x-xss-protection
1; mode=block
server
cloudflare
hero.json
www.pfizerforall.com/assets/lottie-source/ 		109 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/lottie-source/hero.json
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/scripts/lottie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c1a2932e99c472d230373137efa8f12a15f3d27491377f06a69126f3c1881b8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
surrogate-key
v280--pfizerforallcomus--pfizer pTRzTwQk8LVBnwiq v280--pfizerforallcomus--pfizer_code
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
application/json
last-modified
Mon, 26 Aug 2024 16:10:02 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200133-IAD, cache-iad-kcgs7200133-IAD, cache-fra-eddf8230026-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.191742,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e329f61d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
16931
x-xss-protection
1; mode=block
server
cloudflare
media_1e09d0ba51610f4b851f79c7471d0435500ad5b14.png
www.pfizerforall.com/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pfizerforall.com/media_1e09d0ba51610f4b851f79c7471d0435500ad5b14.png?width=2000&format=webply&optimize=medium
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6634152b4947c7d0ea5cc17bb0025a9eb45e47b61c1546e812b829740fca00
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

fastly-io-info
ifsz=1356480 idim=5760x3072 ifmt=png ofsz=8644 odim=2000x1067 ofmt=webp
x-franklin-ref
v280
surrogate-key
v279--pfizerforallcomus--pfizer main--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8_media AqtRBT3lEXJPflM4
cf-cache-status
HIT
etag
"qrjGAQ0d/ei72Y7Wa9dugdhCN1zwR52riIW5pDY6i3U"
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 18:08:39 GMT
vary
Accept-Encoding
x-cache-hits
0, 139, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
fastly-stats
io=1
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=2592000, must-revalidate
cdn-cache-control
max-age=2592000, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.200020,VS0,VE2
x-served-by
cache-iad-kjyo7100158-IAD, cache-iad-kjyo7100158-IAD, cache-fra-eddf8230140-FRA
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e329f64d2d3-FRA
accept-ranges
bytes
content-length
8644
fastly-io-served-by
vpop-kiad7010217
x-xss-protection
1; mode=block
server
cloudflare
analytics-inteface.js
www.pfizerforall.com/lib/scripts/analytics/ 		559 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/lib/scripts/analytics/analytics-inteface.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b39d81065cb59702c9a59b7d3ea2d3779380488f882ea5b72c5d6d81a1a9d876
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/analytics/analytics.js

Response headers

x-franklin-lib
libraryfranklinpfizer - release40
x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"4f8fee63e825469ea58dfeb026080105"
surrogate-key
release40--libraryfranklinpfizer--pfizer release40--libraryfranklinpfizer--pfizer_code byEbyV5cJOI8pqm6
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 30 Nov 2023 13:05:54 GMT
vary
Accept-Encoding
x-cache-hits
0, 1100, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200171-IAD, cache-iad-kcgs7200171-IAD, cache-hel1410025-HEL
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727196800.649619,VS0,VE1
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e32bfacd2d3-FRA
accept-ranges
bytes
content-length
235
x-xss-protection
1; mode=block
server
cloudflare
columns.css
www.pfizerforall.com/blocks/columns/ 		44 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/columns/columns.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b75950304a33fadd2a97fbd0548c469791e624ef7528c96c28d9c193df31b1f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"4cdb26d8d9670a3bc2ef70b125476dba"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code MVkLvxtVh8guMkaL
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 11:33:36 GMT
vary
Accept-Encoding
x-cache-hits
0, 7, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kiad7000134-IAD, cache-fra-eddf8230107-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727938539.867871,VS0,VE98
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e32f893d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4795
x-xss-protection
1; mode=block
server
cloudflare
columns.js
www.pfizerforall.com/blocks/columns/ 		1 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/columns/columns.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26796aabec40ec363bf53d2812f301e749b0bdd5ae176ae687f165be4817fcdd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/lib-franklin.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"70b351e34be59bdea87f4c9a6af7eed2"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code A-idin5UM-to38RN
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 16 Sep 2024 22:57:10 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100034-IAD, cache-iad-kjyo7100034-IAD, cache-fra-eddf8230136-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.346162,VS0,VE91
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e32f89ad2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
589
x-xss-protection
1; mode=block
server
cloudflare
cards.css
www.pfizerforall.com/blocks/cards/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/cards/cards.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd41efc28e164fa0523cb704486d6de6b36a783708036fd84bb742097e3dc5d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"ec028ddaf379f6dc12a40d16ed20183a"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code WMXrDnrUQlYgDjrF
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 10 Sep 2024 19:10:09 GMT
vary
Accept-Encoding
x-cache-hits
0, 4, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200095-IAD, cache-iad-kcgs7200095-IAD, cache-fra-eddf8230035-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.493803,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e32f896d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
738
x-xss-protection
1; mode=block
server
cloudflare
cards.js
www.pfizerforall.com/blocks/cards/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/cards/cards.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30112037dc15a0248b3123a85d5d27a2f4757d1de5b3cf426a5299baaa8cecfa
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/lib-franklin.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"b720f434a5bd06a4862d1e889ea6e4fe"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code DhZUzeZ3lSh3edvB
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 04 Sep 2024 13:59:11 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200055-IAD, cache-iad-kcgs7200055-IAD, cache-fra-eddf8230032-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727938539.873373,VS0,VE2
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e32f89dd2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1769
x-xss-protection
1; mode=block
server
cloudflare
data-layer
www.pfizerforall.com/ 		616 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/data-layer
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/analytics/legacy/analytics-worker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9450dea54c726a07be3fdfa70217e1a7a32cbc1301c94d7e0ccc4813fe5eace4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-edison-type
Adobe
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-ray
8d407e332952d2d3-FRA
date
Thu, 17 Oct 2024 13:04:10 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
custom-utilities.js
www.pfizerforall.com/scripts/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/scripts/custom-utilities.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0d79bd378184ac9a9527a9ace73d9a2cfad7e96e1fa71fd1711b8ee2404732a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/blocks/cards/cards.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"56e19fd9255cb15a3dc6adf000828019"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code ByDVz8sLk4d671Ue
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 19 Sep 2024 15:09:01 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100027-IAD, cache-iad-kjyo7100027-IAD, cache-fra-eddf8230109-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937932.550590,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e338a71d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6175
x-xss-protection
1; mode=block
server
cloudflare
PfizerTomorrow-Regular.woff2
www.pfizerforall.com/assets/fonts/ 		29 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/fonts/PfizerTomorrow-Regular.woff2
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/styles/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8b6d72cf37a3cfd1d13079d707736647d7eb26cca1b295d4b766aa3e3f8122
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/styles/fonts.css

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"966632e38f01a86ae0077b97163139fe"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code eXmtVWR8XxCJqwCx
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
font/woff2
last-modified
Wed, 18 Sep 2024 02:21:30 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000026-IAD, cache-iad-kiad7000026-IAD, cache-bma1651-BMA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937932.577512,VS0,VE103
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e341c4bd2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
29504
x-xss-protection
1; mode=block
server
cloudflare
PfizerTomorrow-Bold.woff2
www.pfizerforall.com/assets/fonts/ 		29 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/fonts/PfizerTomorrow-Bold.woff2
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/styles/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1bd1d23d51b8ce498b5e69be277148909f669b51dd13848f5f1f80e10d8dc38
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/styles/fonts.css

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"197e3e32eb78a1135a941f29806ab937"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code OMJetLkxf23ecf_d
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
font/woff2
last-modified
Wed, 18 Sep 2024 02:21:30 GMT
vary
Accept-Encoding
x-cache-hits
0, 7, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200138-IAD, cache-iad-kiad7000127-IAD, cache-fra-eddf8230138-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937932.658806,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e341c53d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
29736
x-xss-protection
1; mode=block
server
cloudflare
header.css
www.pfizerforall.com/blocks/header/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/header/header.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6e87f33f965d29b4f355e093d72d4377d33efdd8280f3969353b3ce0cace71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"dd657e51b58077e94f26ace2a3fb1494"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code rvmIyKQQeIj-QDFA
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 19 Sep 2024 13:10:49 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200084-IAD, cache-iad-kcgs7200084-IAD, cache-fra-eddf8230025-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937932.951828,VS0,VE88
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e341c85d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2092
x-xss-protection
1; mode=block
server
cloudflare
header.js
www.pfizerforall.com/blocks/header/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/header/header.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60979d592d9200533095482425240213e5a5ba1d3b1b7737633757bb3a00b8e6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/lib-franklin.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"a080b9c44e52eeddf9156b00d0ef3aec"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code bZJoVuUpiEEiL6sC
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 19 Sep 2024 06:06:10 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000141-IAD, cache-iad-kiad7000141-IAD, cache-fra-eddf8230136-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937932.877178,VS0,VE102
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e342c8dd2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3513
x-xss-protection
1; mode=block
server
cloudflare
footer.css
www.pfizerforall.com/blocks/footer/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/footer/footer.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070b7c4d3bfb90944e580d1efe277b0e20e36ade116cb0d36f5cfefa38290e03
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"ce94b74c9fd364df3f20a180c08460f0"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code D6fbpGyAHq-sgyHY
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 13 Sep 2024 10:46:36 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000111-IAD, cache-iad-kiad7000111-IAD, cache-fra-eddf8230078-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937932.868105,VS0,VE103
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e342c8bd2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1007
x-xss-protection
1; mode=block
server
cloudflare
footer.js
www.pfizerforall.com/blocks/footer/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/footer/footer.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb507ff66541e40ad9b6575f4707961958f6b7f6ff3aade75774d87f6665000
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/lib-franklin.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"19545e94600c29cafcbbeb3d8a5217f3"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code xsL9d5tS7QUvF7vg
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 18:39:50 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100057-IAD, cache-iad-kjyo7100057-IAD, cache-fra-eddf8230119-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937932.868878,VS0,VE91
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e342c94d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
979
x-xss-protection
1; mode=block
server
cloudflare
PfizerDiatype-Bold.woff2
www.pfizerforall.com/assets/fonts/ 		51 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/fonts/PfizerDiatype-Bold.woff2
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/styles/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eddfeb7884af2a60f5127db326159e31ea8bc5c52787b3eafdad034dcde0f3fb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/styles/fonts.css

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"284f5b9e56b8b24df9977fe8aa07025b"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code qAEVlqmErtlz8ray
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
font/woff2
last-modified
Wed, 18 Sep 2024 02:21:30 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000103-IAD, cache-iad-kiad7000103-IAD, cache-fra-eddf8230057-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937932.897955,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e344d0ad2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
52606
x-xss-protection
1; mode=block
server
cloudflare
media_1d399c8445bc94a19d47123ff62c383d576666f70.png
www.pfizerforall.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pfizerforall.com/media_1d399c8445bc94a19d47123ff62c383d576666f70.png?width=2000&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc8fbc16bf579dd292c59971f4c38e9490d5707b2fc5115458d4dbd93773506a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

fastly-io-info
ifsz=518330 idim=630x630 ifmt=png ofsz=16064 odim=630x630 ofmt=webp
x-franklin-ref
v280
surrogate-key
main--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8_media KuAL1xLW3JqrOYDn
cf-cache-status
HIT
etag
"Z4ctuJgePAujwpP16BRanCBR/YSrYLkdwj+zatUFpY4"
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
image/webp
last-modified
Mon, 23 Sep 2024 14:18:43 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
fastly-stats
io=1
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=2592000, must-revalidate
cdn-cache-control
max-age=2592000, must-revalidate
x-edison-type
Adobe
x-timer
S1727938539.080206,VS0,VE2
x-served-by
cache-iad-kcgs7200139-IAD, cache-iad-kcgs7200139-IAD, cache-fra-eddf8230062-FRA
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e34ded1d2d3-FRA
accept-ranges
bytes
content-length
16064
fastly-io-served-by
vpop-kiad7010247
x-xss-protection
1; mode=block
server
cloudflare
media_1bfcfdd322c4fdd926a5fc6804e362fda1da63a5a.jpeg
www.pfizerforall.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pfizerforall.com/media_1bfcfdd322c4fdd926a5fc6804e362fda1da63a5a.jpeg?width=750&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f1486f0aefd25dff56a7212049b90503ec41f1f6aa6ce15b24c14f5bbd1cfb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

fastly-io-info
ifsz=1612307 idim=2120x1584 ifmt=jpeg ofsz=26330 odim=750x560 ofmt=webp
x-franklin-ref
v280
surrogate-key
v279--pfizerforallcomus--pfizer main--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8_media Pm1QfGsoALzgpppM
cf-cache-status
HIT
etag
"l2Zc0muOprAHV5FtLRBuhKhlKi5pdLfE6l0GavvfyzI"
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 18:13:41 GMT
vary
Accept-Encoding
x-cache-hits
0, 140, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
fastly-stats
io=1
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=2592000, must-revalidate
cdn-cache-control
max-age=2592000, must-revalidate
x-edison-type
Adobe
x-timer
S1727937932.926928,VS0,VE2
x-served-by
cache-iad-kiad7000141-IAD, cache-iad-kiad7000141-IAD, cache-fra-eddf8230073-FRA
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e344d1cd2d3-FRA
accept-ranges
bytes
content-length
26330
fastly-io-served-by
img09-us-east4
x-xss-protection
1; mode=block
server
cloudflare
media_1a2c819a0081ebe6390cdc6f3435acbf38fdb2826.jpeg
www.pfizerforall.com/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pfizerforall.com/media_1a2c819a0081ebe6390cdc6f3435acbf38fdb2826.jpeg?width=750&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83785f81cfbfdae41e13346f034fed4a5ad84b043ca7b330081e3257f7960466
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

fastly-io-info
ifsz=1213583 idim=2120x1584 ifmt=jpeg ofsz=12100 odim=750x560 ofmt=webp
x-franklin-ref
v280
surrogate-key
v279--pfizerforallcomus--pfizer main--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8_media EPBQq6tTJCeNpwV9
cf-cache-status
HIT
etag
"9hvpavK/M7w8FMLA8WlpuVmTXmeDJ9QcmI1Eoo1aNSU"
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 18:13:41 GMT
vary
Accept-Encoding
x-cache-hits
0, 164, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
fastly-stats
io=1
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=2592000, must-revalidate
cdn-cache-control
max-age=2592000, must-revalidate
x-edison-type
Adobe
x-timer
S1728582222.725051,VS0,VE1
x-served-by
cache-iad-kjyo7100152-IAD, cache-iad-kjyo7100152-IAD, cache-fra-etou8220118-FRA
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e344d19d2d3-FRA
accept-ranges
bytes
content-length
12100
fastly-io-served-by
vpop-kiad7010213
x-xss-protection
1; mode=block
server
cloudflare
launch-1e86ccf76cc9.min.js
assets.adobedtm.com/22baa8e94be8/22a44e9ec845/ 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/launch-1e86ccf76cc9.min.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/adobe-launch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f5c791ccda7995237bcbb6df25d7abb7c5dafafebe8d2c0d98443fa21e952f0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"83fe8ca2a652e5a4765631e4dfc5d699:1728656805.769917"
expires
Thu, 17 Oct 2024 14:04:11 GMT
accept-ranges
bytes
content-length
23088
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
application/x-javascript
last-modified
Fri, 11 Oct 2024 14:26:45 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
footer.plain.html
www.pfizerforall.com/global/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/global/footer.plain.html
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/blocks/footer/footer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663a378cd56a6454d86e045bc95f14920f640ec82eafbc6b04768d1af5d897d4
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.doubleclick.net *.evidon.com *.force.com *.franklin.edison.pfizer *.google.com *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.redditstatic.com *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page analytics.tiktok.com api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org collection.decibelinsight.net conversions-config.reddit.com det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com mboxedge34.tt.omtrdc.net pagead2.googlesyndication.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net pfizer.tt.omtrdc.net pixel-config.reddit.com resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ smetrics.pfizerforall.com tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.facebook.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.redditstatic.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ analytics.tiktok.com api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.decibelinsight.net cdn.di-capt.com cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page embed.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ sdc-ibfw-portal.pfizer.com t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.redditstatic.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com global.acs.prismaaccess.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
surrogate-key
v280--pfizerforallcomus--pfizer bzDTX_uWdMNaFVTq 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8_metadata v280--pfizerforallcomus--pfizer_head 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 13 Sep 2024 02:20:30 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200073-IAD, cache-iad-kcgs7200073-IAD, cache-fra-eddf8230148-FRA
content-security-policy
connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.doubleclick.net *.evidon.com *.force.com *.franklin.edison.pfizer *.google.com *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.redditstatic.com *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page analytics.tiktok.com api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org collection.decibelinsight.net conversions-config.reddit.com det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com mboxedge34.tt.omtrdc.net pagead2.googlesyndication.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net pfizer.tt.omtrdc.net pixel-config.reddit.com resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ smetrics.pfizerforall.com tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.facebook.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.redditstatic.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ analytics.tiktok.com api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.decibelinsight.net cdn.di-capt.com cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page embed.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ sdc-ibfw-portal.pfizer.com t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.redditstatic.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com global.acs.prismaaccess.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.347833,VS0,VE91
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e34dee8d2d3-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
nav.plain.html
www.pfizerforall.com/global/ 		3 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/global/nav.plain.html
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/blocks/header/header.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44c80cce6be5ed5260ee60e2cbd99dd32196fd37946def676c6a602a3037856b
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.doubleclick.net *.evidon.com *.force.com *.franklin.edison.pfizer *.google.com *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.redditstatic.com *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page analytics.tiktok.com api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org collection.decibelinsight.net conversions-config.reddit.com det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com mboxedge34.tt.omtrdc.net pagead2.googlesyndication.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net pfizer.tt.omtrdc.net pixel-config.reddit.com resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ smetrics.pfizerforall.com tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.facebook.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.redditstatic.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ analytics.tiktok.com api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.decibelinsight.net cdn.di-capt.com cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page embed.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ sdc-ibfw-portal.pfizer.com t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.redditstatic.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com global.acs.prismaaccess.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
surrogate-key
v280--pfizerforallcomus--pfizer SXwANQ4UozdR_9RI 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8_metadata v280--pfizerforallcomus--pfizer_head 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 11 Sep 2024 11:27:43 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
x-served-by
cache-iad-kiad7000124-IAD, cache-iad-kiad7000124-IAD, cache-fra-eddf8230068-FRA
content-security-policy
connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.doubleclick.net *.evidon.com *.force.com *.franklin.edison.pfizer *.google.com *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.redditstatic.com *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page analytics.tiktok.com api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org collection.decibelinsight.net conversions-config.reddit.com det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com mboxedge34.tt.omtrdc.net pagead2.googlesyndication.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net pfizer.tt.omtrdc.net pixel-config.reddit.com resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ smetrics.pfizerforall.com tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.facebook.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.redditstatic.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ analytics.tiktok.com api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.decibelinsight.net cdn.di-capt.com cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page embed.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ sdc-ibfw-portal.pfizer.com t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.redditstatic.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com global.acs.prismaaccess.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.598013,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e311a5cd2d3-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
pfizer-for-all-home.svg
www.pfizerforall.com/assets/icons/ 		4 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/pfizer-for-all-home.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
025be9e4fac0ff8e71387e32ddf38b4124326b625a2a891d8f34cb08d7ffdc23
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"1caef31bb752c472f2186d3f862e3870"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 Qrd9U4YECMb8pYU-
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
image/svg+xml
last-modified
Wed, 11 Sep 2024 11:25:01 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000074-IAD, cache-iad-kiad7000074-IAD, cache-fra-eddf8230129-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.359820,VS0,VE88
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e34ef29d2d3-FRA
accept-ranges
bytes
content-length
1577
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
pfizer-for-all.svg
www.pfizerforall.com/assets/icons/ 		4 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/pfizer-for-all.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88102d1d8385b24364033c3375d6d580c6a9a62fd723c974807db03786ac70fc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"e515702032f0a2051faefbbc81c0178a"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 no0Dexbe0DrmmaO7
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
image/svg+xml
last-modified
Wed, 11 Sep 2024 11:24:25 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000120-IAD, cache-iad-kiad7000120-IAD, cache-hel1410032-HEL
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.379513,VS0,VE111
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e34ef31d2d3-FRA
accept-ranges
bytes
content-length
1577
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
icon-left-arrow-circle.svg
www.pfizerforall.com/assets/icons/ 		851 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/icon-left-arrow-circle.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1f0546417daca6baf9820ba0db025f97dcf800f633a235202b1251a84ab9ec
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"a7538b59dd5b51375c50eb812b3d0e1b"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 olJKWnaGi61SNdWA
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
image/svg+xml
last-modified
Wed, 10 Jul 2024 23:47:29 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100034-IAD, cache-iad-kjyo7100034-IAD, cache-fra-eddf8230025-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.363912,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e34ef32d2d3-FRA
accept-ranges
bytes
content-length
481
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
icon-arrow-circle.svg
www.pfizerforall.com/assets/icons/ 		591 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/icon-arrow-circle.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7560f76ff53991b9d4ad0d75762f1af86ad36d319e2b02d75297576a11d65c0b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"3af32e6cb2e064bf9b14c0ae589377d6"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 vLFPRusKDn_C9XYO
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/svg+xml
last-modified
Mon, 01 Jul 2024 00:48:54 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
x-served-by
cache-iad-kjyo7100063-IAD, cache-iad-kjyo7100063-IAD, cache-fra-eddf8230038-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547086.610014,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e312a9bd2d3-FRA
accept-ranges
bytes
content-length
353
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
icon-sub-menu.svg
www.pfizerforall.com/assets/icons/ 		262 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pfizerforall.com/assets/icons/icon-sub-menu.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/blocks/header/header.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9070fca8da71dff697cd655efad81661cf87bd368043c8f541356a811129ced
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/blocks/header/header.css

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"56694dfe0836978e970daec721a18abe"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 2-p8DKSAugAmVI1P
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
image/svg+xml
last-modified
Tue, 16 Jul 2024 19:43:41 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000150-IAD, cache-iad-kiad7000150-IAD, cache-fra-eddf8230144-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547989.745922,VS0,VE3
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e351fa2d2d3-FRA
accept-ranges
bytes
content-length
223
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
white-pfizer-logo.svg
www.pfizerforall.com/assets/icons/ 		3 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/white-pfizer-logo.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/common-decorators.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b70902eb10ab805abd95f711555c74f763e66d8396b204e8e8245627f5533c0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"f0f763bcb9ef324fda107686bbc02b69"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 FAsxW4iP9ggslOCX
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
image/svg+xml
last-modified
Fri, 23 Aug 2024 10:32:22 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100145-IAD, cache-iad-kjyo7100145-IAD, cache-bma1620-BMA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547087.561562,VS0,VE103
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e354819d2d3-FRA
accept-ranges
bytes
content-length
1503
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
fragment.css
www.pfizerforall.com/blocks/fragment/ 		206 B
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/fragment/fragment.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
660e0cd96b851568d2786ac74740cb3f459b716d7f0d1a530afb2736361a66b9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"9c0418b64434c8323ec4ca80c1b5836f"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code cIZjnoi29z7eK7IG
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 23 Jul 2024 23:19:03 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200062-IAD, cache-iad-kcgs7200062-IAD, cache-fra-eddf8230060-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937932.343117,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e354817d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
114
x-xss-protection
1; mode=block
server
cloudflare
fragment.js
www.pfizerforall.com/blocks/fragment/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/fragment/fragment.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c59aedc3e7b041b7ac5b6d65bf90c8aef7f93a5b3cb909a4ef552a5d6e3c1c5e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/lib-franklin.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"fa85da9724c3e45a9a17df8a4c7f2636"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code SV4erHyXZxOfenbE
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 09 Aug 2024 18:02:31 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100152-IAD, cache-iad-kjyo7100152-IAD, cache-fra-eddf8230143-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937932.356624,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e35481ad2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
798
x-xss-protection
1; mode=block
server
cloudflare
pfanalytics-bundle.min.js
analytics.digitalpfizer.com/js/prod/libs/ 		348 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.digitalpfizer.com/js/prod/libs/pfanalytics-bundle.min.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01b73b1e99f9d5e9b36ca5274380241e18189cd236113df985cd3e5534fa0526

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
null
etag
"41eabd7954a63295882d4a3fe1ce02aa"
age
31624
x-cache
Hit from cloudfront
x-amz-cf-id
Z0b5k9MU1LBiWnnPNTfzpW3_BwPlj0fhFjO6ko-xWxA-hI5lCu8JPw==
date
Thu, 17 Oct 2024 04:17:08 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 07 Oct 2024 13:22:22 GMT
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
94341
x-amz-cf-pop
FRA53-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
RCa64af22b2d804eeba4f1365a036b4888-source.min.js
assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/RCa64af22b2d804eeba4f1365a036b4888-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/launch-1e86ccf76cc9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
712884cea2af728deffe1eb0678972ac1c72252fe28241caa98fc2f383cfe68a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c3fea788549ea5533cd4be040a2c32da:1728656806.852896"
expires
Thu, 17 Oct 2024 14:04:11 GMT
accept-ranges
bytes
content-length
1212
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
application/x-javascript
last-modified
Fri, 11 Oct 2024 14:26:46 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
footer-signup.plain.html
www.pfizerforall.com/global/fragment/ 		565 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/global/fragment/footer-signup.plain.html
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/blocks/fragment/fragment.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
332732870ea1e006d58a8279e925058619b2c73cfe01d1c7208bafef77e81a1f
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.doubleclick.net *.evidon.com *.force.com *.franklin.edison.pfizer *.google.com *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.redditstatic.com *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page analytics.tiktok.com api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org collection.decibelinsight.net conversions-config.reddit.com det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com mboxedge34.tt.omtrdc.net pagead2.googlesyndication.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net pfizer.tt.omtrdc.net pixel-config.reddit.com resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ smetrics.pfizerforall.com tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.facebook.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.redditstatic.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ analytics.tiktok.com api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.decibelinsight.net cdn.di-capt.com cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page embed.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ sdc-ibfw-portal.pfizer.com t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.redditstatic.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com global.acs.prismaaccess.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
surrogate-key
v280--pfizerforallcomus--pfizer A5CvH9IcyUzXAlP_ 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8_metadata v280--pfizerforallcomus--pfizer_head 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
text/html; charset=utf-8
last-modified
Thu, 12 Sep 2024 12:14:48 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100066-IAD, cache-iad-kjyo7100066-IAD, cache-bma1649-BMA
content-security-policy
connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.doubleclick.net *.evidon.com *.force.com *.franklin.edison.pfizer *.google.com *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.redditstatic.com *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page analytics.tiktok.com api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org collection.decibelinsight.net conversions-config.reddit.com det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com mboxedge34.tt.omtrdc.net pagead2.googlesyndication.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net pfizer.tt.omtrdc.net pixel-config.reddit.com resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ smetrics.pfizerforall.com tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.facebook.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.redditstatic.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ analytics.tiktok.com api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.decibelinsight.net cdn.di-capt.com cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page embed.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ sdc-ibfw-portal.pfizer.com t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.redditstatic.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com global.acs.prismaaccess.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547087.701904,VS0,VE103
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e35da3ad2d3-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
RCec44b18a300c46a99fc375506bc17ebc-source.min.js
assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/ 		749 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/RCec44b18a300c46a99fc375506bc17ebc-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/launch-1e86ccf76cc9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1ac3748d059d48c83a8e011d28b09146d54b177f662e196b56a362b75de5b7bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c3fea788549ea5533cd4be040a2c32da:1728656806.852896"
expires
Thu, 17 Oct 2024 14:04:11 GMT
accept-ranges
bytes
content-length
409
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
application/x-javascript
last-modified
Fri, 11 Oct 2024 14:26:46 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
custom-form.css
www.pfizerforall.com/blocks/custom-form/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/custom-form/custom-form.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f371c27b46a29db58e9f0f8b9ac54fd106b4be4d1c90ef301ec7d6d8c5643cd6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"41d6d31e80a63e70696ea9c3ea88ee30"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code sXMcxLzKEC4VSWtP
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 18 Sep 2024 15:46:19 GMT
vary
Accept-Encoding
x-cache-hits
0, 7, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200084-IAD, cache-iad-kcgs7200084-IAD, cache-fra-eddf8230112-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727938539.414514,VS0,VE89
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e364c79d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2641
x-xss-protection
1; mode=block
server
cloudflare
custom-form.js
www.pfizerforall.com/blocks/custom-form/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/blocks/custom-form/custom-form.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6478388c645c45e3c593dd021a8916426c4501af57a99c80638fef3908ff5592
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/lib/scripts/lib-franklin.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"3bdc16ced465b5eec46945008a60222b"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code oXmzjRF8I6X_Q9pV
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 17 Sep 2024 14:38:01 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000098-IAD, cache-iad-kiad7000098-IAD, cache-fra-eddf8230090-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727937933.871934,VS0,VE93
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e364c7dd2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
9859
x-xss-protection
1; mode=block
server
cloudflare
forms
ms-forms-service-production.digitalpfizer.com/api/v2/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ms-forms-service-production.digitalpfizer.com/api/v2/forms
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/blocks/custom-form/custom-form.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23bfa43adb8326e4261ad02b177172e7650f9b094841c6df513bfe5a9a44d9f2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-config-token
form_builder__production__1367__wd
Referer

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-amz-apigw-id
fy6z3GyujoEEeJQ=
x-amzn-trace-id
Root=1-67110b4b-72cc5ce975d91a8d03ccc53d;Sampled=1;Lineage=1:090274f4:0
x-amzn-requestid
6dcebf85-ca78-4be8-b702-aa621d54c2e2
cf-ray
8d407e387987d2eb-FRA
access-control-allow-origin
*
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
application/json
server
cloudflare
forms
ms-forms-service-production.digitalpfizer.com/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ms-forms-service-production.digitalpfizer.com/api/v2/forms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-config-token
Access-Control-Request-Method
GET
Origin
https://www.pfizerforall.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,x-config-token,x-client-environment,access-control-allow-headers,access-control-allow-origin
access-control-allow-methods
OPTIONS,POST,GET
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8d407e374dbad2eb-FRA
content-length
3
content-type
application/json
date
Thu, 17 Oct 2024 13:04:11 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-amz-apigw-id
fy6z2F2DjoEENyg=
x-amzn-requestid
fc11da4d-7467-4a3c-ac51-264fa5feb376
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=2FE3252C54CC13CC0A4C98A7%40AdobeOrg&d_nsid=0&ts=1729170251327
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=2FE3252C54CC13CC0A4C98A7%40AdobeOrg&d_nsid=0&ts=1729170251327
365 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=2FE3252C54CC13CC0A4C98A7%40AdobeOrg&d_nsid=0&ts=1729170251327
Protocol
H2
Server
34.248.127.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-127-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f5d19e8e66278d5ff26fa9297ba9a6f192b46e851b953eded343e435a1ed200c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-2-v067-0db54ea90.edge-irl1.demdex.com 1 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
54VQMTutQP4=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://www.pfizerforall.com
content-length
306
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
application/json;charset=utf-8
vary
Origin

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=2FE3252C54CC13CC0A4C98A7%40AdobeOrg&d_nsid=0&ts=1729170251327
dcs
dcs-prod-irl1-2-v067-06aea4bb5.edge-irl1.demdex.com 0 ms
pragma
no-cache
access-control-allow-credentials
true
x-tid
Jkt0d1jPT8g=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://www.pfizerforall.com
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 17 Oct 2024 13:04:11 GMT
vary
Origin
ds.png
sync.graph.bluecava.com/ 		95 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.graph.bluecava.com/ds.png?p=9274e5db-ddcb-11ea-a80b-0242ac110002&segment=hipdwkripfvkfhvgnvnufioaiiwuemkc&CampaignID=4070C&Channel=Website&Event=Pageload&uid=&CreativeID=&Placement=&MAID=&PageName=www.pfizerforall.com%2F&Source=dir_org&Medium=dir_org&Keyword=dir_org&Key1=dir_org&Key2=dir_org&Key3=dir_org&Key4=dir_org&Key5=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.19.70 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.19.241.35.bc.googleusercontent.com
Software
/
Resource Hash
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
public, max-age=2592000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
etag
"ds.png:1.0.2:9d9ad7b7"
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
image/png
dest5.html
pfizer.demdex.net/ Frame 4AF8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pfizer.demdex.net/dest5.html?d_nsid=0
Requested by
Host: analytics.digitalpfizer.com
URL: https://analytics.digitalpfizer.com/js/prod/libs/pfanalytics-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.31.110.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-110-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 17 Oct 2024 13:04:11 GMT
dcs
dcs-prod-irl1-2-v067-04498adc8.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 16 Oct 2024 09:35:02 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
cPVc7LTYR4Q=
id
smetrics.pfizerforall.com/ 		48 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.pfizerforall.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=2FE3252C54CC13CC0A4C98A7%40AdobeOrg&mid=26211078398365050404010117247031040820&ts=1729170251537
Requested by
Host: analytics.digitalpfizer.com
URL: https://analytics.digitalpfizer.com/js/prod/libs/pfanalytics-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-17.data.adobedc.net
Software
jag /
Resource Hash
6b0d0f73c9e7dbe8ce00f9681f436de0df0406b10514cd34ba97d5181021e69b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.pfizerforall.com
p3p
CP="This is not a P3P policy"
content-length
48
date
Thu, 17 Oct 2024 13:04:11 GMT
x-xss-protection
1; mode=block
content-type
application/x-javascript;charset=utf-8
vary
Origin
server
jag
ibs:dpid=411&dpuuid=ZxELSwAAALTjrgNn
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=25986008421778260014023634626869974069
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxELSwAAALTjrgNn
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxELSwAAALTjrgNn
Protocol
H2
Server
34.248.127.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-127-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-2-v067-0b0a8a455.edge-irl1.demdex.com 3 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
7xDBX+hESaQ=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
image/gif

Redirect headers

Cache-Control
no-cache
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxELSwAAALTjrgNn
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length
0
Date
Thu, 17 Oct 2024 13:04:11 GMT
Connection
keep-alive
Server
AMO-cookiemap/1.1
s81701791825551
smetrics.pfizerforall.com/b/ss/pfizerglobalimpatientsprod/1/JS-2.27.0/ 		43 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.pfizerforall.com/b/ss/pfizerglobalimpatientsprod/1/JS-2.27.0/s81701791825551?AQB=1&ndh=1&pf=1&t=17%2F9%2F2024%2015%3A4%3A11%204%20-120&mid=26211078398365050404010117247031040820&aamlh=6&ce=UTF-8&cdp=2&pageName=PfizerForAll%E2%84%A2%20%7C%20Official%20Site&g=https%3A%2F%2Fwww.pfizerforall.com%2F&cc=USD&server=www.pfizerforall.com&events=event7&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=D%3DpageName&v2=www.pfizerforall.com%2F&v3=D%3DpageName&c14=20241017&v14=20241017&c15=03%3A00%20PM&v15=03%3A00%20PM&c16=TH&v16=TH&c18=New&v18=New&c23=https%3A%2F%2Fwww.pfizerforall.com&c27=PP%E2%80%91UNP%E2%80%91USA%E2%80%914740&v31=UNBRANDED&c32=PP%E2%80%91UNP%E2%80%91USA%E2%80%914740&c36=20241017T1504&v48=English&c54=NA&v54=NA&c55=57090a8e-c9fe-4905-9473-a61cbf3d567c&c56=D%3DpageName&v61=US%20PCC%20Prod%20PfizerForAll&c62=D%3Dv59&v65=United%20States&c67=United%20States&c68=Migraine%2C%20COVID-19%2C%20Influenza%2C%20Respiratory%20Syncytial%20Virus%20%28RSV%29%2C%20Pneumococcal%20Disease&c69=aem%20franklin%20-%20v0.1.0&v70=2.27.0&c72=Disease%20Awareness%2C%20Access%2C%20Diagnosis%2C%20Resources%20Patient&v73=Migraine%2C%20COVID-19%2C%20Influenza%2C%20Respiratory%20Syncytial%20Virus%20%28RSV%29%2C%20Pneumococcal%20Disease&v78=Managed-Custom&v79=UNBRANDED&v90=Internal%20Medicine%2C%20Antivirals%2C%20Vaccines%2C%20Diagnostics&v91=26211078398365050404010117247031040820&v145=1&v152=Non%20In-App%20Browser&v154=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F129.0.0.0%20Safari%2F537.36&v167=CONSUMER%2C%20CROSS-BU&v170=General%20Public%2C%20Patient&v171=General%20Public%2C%20Patients&v196=VACCINES%20PORTFOLIO%2C%20DIAGNOSTICS%2C%20INTERNAL%20MEDICINE%2C%20PATIENT%20CARE%2C%20PNEUMOCOCCAL%20DISEASE%2C%20RESPIRATORY&v197=aem%20franklin%20-%20v0.1.0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=2FE3252C54CC13CC0A4C98A7%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-17.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
pragma
no-cache
etag
3713364839816134656-4618555169053261790
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 13:04:11 GMT
access-control-allow-origin
*
p3p
CP="This is not a P3P policy"
content-length
43
date
Thu, 17 Oct 2024 13:04:11 GMT
x-xss-protection
1; mode=block
last-modified
Fri, 18 Oct 2024 13:04:11 GMT
vary
*
server
jag
content-type
image/gif;charset=utf-8
lazy-styles.css
www.pfizerforall.com/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/styles/lazy-styles.css
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/lib/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effe80f83263895e1325ba0a92cba15369bef2a4c574c6da27ab28bafc51787e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"d9943a5f2cfd18d82627783203853787"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code 5RfHdv_zVTQi_swN
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 25 Sep 2024 02:18:00 GMT
vary
Accept-Encoding
x-cache-hits
0, 7, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200128-IAD, cache-iad-kcgs7200128-IAD, cache-fra-eddf8230091-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727938540.945750,VS0,VE88
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e3a28f5d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
669
x-xss-protection
1; mode=block
server
cloudflare
media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico
www.pfizerforall.com/assets/icons/
Redirect Chain
  • https://www.pfizerforall.com/favicon.ico
  • https://www.pfizerforall.com/assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico
15 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico
Protocol
H2
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
003b48783206eb62d337684db5c0f092f8a90fffd3554d5d3705f291bf9ab895
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/

Response headers

x-franklin-ref
v280
surrogate-key
main--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8_media tQ2kk_88pddGAE7B
cf-cache-status
HIT
etag
W/"943456f5190dd2659dd0d176a60658bd"
content-encoding
br
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 18 Jun 2024 15:14:08 GMT
vary
Accept-Encoding
x-cache-hits
0, 6, 0
x-frame-options
SAMEORIGIN
x-served-by
cache-iad-kcgs7200143-IAD, cache-iad-kcgs7200143-IAD, cache-fra-eddf8230045-FRA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=2592000, must-revalidate
cdn-cache-control
max-age=2592000, must-revalidate
x-edison-type
Adobe
x-timer
S1727937931.505473,VS0,VE90
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e30e9bfd2d3-FRA
x-xss-protection
1; mode=block
server
cloudflare

Redirect headers

x-franklin-ref
v280
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 U7Jh-a1U8SdPKM_e
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache
HIT, HIT, HIT
date
Thu, 17 Oct 2024 13:04:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
x-served-by
cache-iad-kcgs7200025-IAD, cache-iad-kcgs7200025-IAD, cache-bma1651-BMA
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
location
/assets/icons/media_1db373460f9c35b457a30de942cf75ee5c5050bf5.ico
retry-after
0
cdn-cache-control
max-age=172800, must-revalidate
x-timer
S1729069530.014834,VS0,VE2
x-edison-type
Adobe
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e2fee9dd2d3-FRA
x-xss-protection
1; mode=block
server
cloudflare
icon-external-link.svg
www.pfizerforall.com/assets/icons/ 		645 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pfizerforall.com/assets/icons/icon-external-link.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/styles/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7962ad586211bc937ca6b9e0d40dfe969abe41843337d4ed5527d0eacf36d39d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/styles/default.css

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"908b318187257449e91a3e97fb490410"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 tkO8-YAAW8vgt0kg
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
image/svg+xml
last-modified
Tue, 16 Jul 2024 19:41:10 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000133-IAD, cache-iad-kiad7000133-IAD, cache-fra-eddf8230126-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547088.843561,VS0,VE88
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e3a392ad2d3-FRA
accept-ranges
bytes
content-length
375
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
unionsubmit-icon-w.svg
www.pfizerforall.com/assets/icons/ 		551 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pfizerforall.com/assets/icons/unionsubmit-icon-w.svg
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/blocks/custom-form/custom-form.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7218fdb1844267b91ebf8f5b3b1cedc210b9356c994bae808093696ad64d2f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.pfizerforall.com/blocks/custom-form/custom-form.css

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"f90a52306acbc96cd578f3378acb3b5f"
surrogate-key
v280--pfizerforallcomus--pfizer 0280179e42dfb5da67434695ebf6894381249305cb41e765d8c6fbd89b8 tusNSNREZMNoDqYz
x-content-type-options
nosniff
x-cache
MISS, HIT, MISS
date
Thu, 17 Oct 2024 13:04:11 GMT
content-type
image/svg+xml
last-modified
Wed, 24 Jul 2024 20:48:43 GMT
vary
Accept-Encoding
x-cache-hits
0, 3, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kcgs7200087-IAD, cache-fra-eddf8230122-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1728547088.862110,VS0,VE91
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e3a392dd2d3-FRA
accept-ranges
bytes
content-length
339
x-xss-protection
1; mode=block
fastly-restarts
1
server
cloudflare
delayed.js
www.pfizerforall.com/scripts/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/scripts/delayed.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55a04ca5f985ae44d6bad81581900045abfec1d8616d432e70d382a2531a9dff
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/scripts.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"9cc04477419f0f86e7b1ad86c91e2d07"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code z2W1cRcC_1-3vllv
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:14 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Sep 2024 21:35:57 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kjyo7100159-IAD, cache-iad-kjyo7100159-IAD, cache-fra-eddf8230031-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727938543.964422,VS0,VE2
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e4ceef3d2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1199
x-xss-protection
1; mode=block
server
cloudflare
delay-analytics.js
www.pfizerforall.com/scripts/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pfizerforall.com/scripts/delay-analytics.js
Requested by
Host: www.pfizerforall.com
URL: https://www.pfizerforall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
074b92e371e23145924c5503d488d09c6b7292ec2e2932cdd2a7dc20b816d38f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.pfizerforall.com
Referer
https://www.pfizerforall.com/scripts/delayed.js

Response headers

x-franklin-ref
v280
content-encoding
gzip
cf-cache-status
HIT
etag
"e7b1e2a1640e87d252d53b094c9ace33"
surrogate-key
v280--pfizerforallcomus--pfizer v280--pfizerforallcomus--pfizer_code gsrF0AllGgku4OxM
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 17 Oct 2024 13:04:15 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 14:24:29 GMT
vary
Accept-Encoding
x-cache-hits
0, 5, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-served-by
cache-iad-kiad7000149-IAD, cache-iad-kiad7000149-IAD, cache-fra-eddf8230131-FRA
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
cache-control
max-age=14400, must-revalidate
cdn-cache-control
max-age=172800, must-revalidate
x-edison-type
Adobe
x-timer
S1727938543.027615,VS0,VE5
referrer-policy
same-origin
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray
8d407e4dd98ed2d3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1805
x-xss-protection
1; mode=block
server
cloudflare
RC4ba25508ef35428792520708206c3285-source.min.js
assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/ 		631 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/RC4ba25508ef35428792520708206c3285-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/launch-1e86ccf76cc9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
002717e7ff92692b7f1092abe4721425af38c23620ccb9d7b9e779d5cad56a75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c3fea788549ea5533cd4be040a2c32da:1728656806.852896"
expires
Thu, 17 Oct 2024 14:04:16 GMT
accept-ranges
bytes
content-length
333
date
Thu, 17 Oct 2024 13:04:16 GMT
content-type
application/x-javascript
last-modified
Fri, 11 Oct 2024 14:26:46 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC1f25c2783e194fbe860526df07678af3-source.min.js
assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/ 		740 B
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/RC1f25c2783e194fbe860526df07678af3-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/launch-1e86ccf76cc9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a7cf0dd6f072d94cca7507e32cdbd943dd5e1f32ccb4cc9c11961b4976adbb86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c3fea788549ea5533cd4be040a2c32da:1728656806.852896"
expires
Thu, 17 Oct 2024 14:04:16 GMT
accept-ranges
bytes
content-length
431
date
Thu, 17 Oct 2024 13:04:16 GMT
content-type
application/x-javascript
last-modified
Fri, 11 Oct 2024 14:26:46 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC0cfce170239f42879bf08c16c4f3c24c-source.min.js
assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/RC0cfce170239f42879bf08c16c4f3c24c-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/launch-1e86ccf76cc9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d689357449bb763191188ad1b9fb35d0b2276c04282042ad022060353796842

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c3fea788549ea5533cd4be040a2c32da:1728656806.852896"
expires
Thu, 17 Oct 2024 14:04:16 GMT
accept-ranges
bytes
content-length
1799
date
Thu, 17 Oct 2024 13:04:16 GMT
content-type
application/x-javascript
last-modified
Fri, 11 Oct 2024 14:26:46 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC438107676878448e9019bd1ce7e6da0a-source.min.js
assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
assets.adobedtm.com
URL
https://assets.adobedtm.com/22baa8e94be8/22a44e9ec845/c2c1cd7ed058/RC438107676878448e9019bd1ce7e6da0a-source.min.js

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| prefetchedPages object| placeholders number| loadStartTime object| hlx object| whitelistedDomains object| bodymovin object| lottie object| analytics object| pfAnalyticsData object| _satellite boolean| __satelliteLoaded object| $pfAnalytics object| pfConfig object| $pfA function| onYouTubeIframeAPIReady object| adobe function| Visitor function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in object| visitor number| s_loadT object| s object| $pfaDataLayer object| s_i_pfizerglobalimpatientsprod boolean| $pfa_datalayer

10 Cookies

Domain/Path Name / Value
.pfizerforall.com/ Name: __cf_bm
Value: Xegxx6XTAy6uHxaSmsweBYrlYqCzZMOMI9AW4xIo4Es-1729170249-1.0.1.1-GMX2pPtcNl9YXA3MMsG1XhFf0tPDGoz1fkVXxcKX55b2NrF6tZQnU6JAdc0.wDB2SqYx1YVK5DDgSsC1vvxvqg
.pfizerforall.com/ Name: _cfuvid
Value: x0vasJMYRPTOSsrnvMOm9f.KVlriYiSjbGpMJryUlfE-1729170249557-0.0.1.1-604800000
.demdex.net/ Name: demdex
Value: 25986008421778260014023634626869974069
.www.pfizerforall.com/ Name: AMCVS_2FE3252C54CC13CC0A4C98A7%40AdobeOrg
Value: 1
.pfizerforall.com/ Name: s_ecid
Value: MCMID%7C26211078398365050404010117247031040820
.pfizerforall.com/ Name: s_nr
Value: 1729170251805-New
.pfizerforall.com/ Name: s_ppn
Value: PfizerForAll%E2%84%A2%20%7C%20Official%20Site
.pfizerforall.com/ Name: s_sess
Value: %20s_plt%3D1.80%3B%20s_pltp%3DPfizerForAll%25E2%2584%25A2%2520%257C%2520Official%2520Site%3B%20s_tp%3D3459%3B%20s_ppv%3DPfizerForAll%2525u2122%252520%25257C%252520Official%252520Site%252C35%252C35%252C1200%3B%20s_cc%3Dtrue%3B
.dpm.demdex.net/ Name: dpm
Value: 25986008421778260014023634626869974069
.www.pfizerforall.com/ Name: AMCV_2FE3252C54CC13CC0A4C98A7%40AdobeOrg
Value: 179643557%7CMCIDTS%7C20014%7CMCMID%7C26211078398365050404010117247031040820%7CMCAAMLH-1729775051%7C6%7CMCAAMB-1729775051%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1729177451s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-20021%7CvVersion%7C5.5.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.doubleclick.net *.evidon.com *.force.com *.franklin.edison.pfizer *.google.com *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.redditstatic.com *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page analytics.tiktok.com api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org collection.decibelinsight.net conversions-config.reddit.com det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com manifest.prod.boltdns.net maps.googleapis.com mboxedge34.tt.omtrdc.net pagead2.googlesyndication.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net pfizer.tt.omtrdc.net pixel-config.reddit.com resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ smetrics.pfizerforall.com tagmanager.google.com udc-neb.kampyle.com uploads.interactivity.brightcove.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live www.interactivemanager.pfizer; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.dotomi.com *.facebook.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.redditstatic.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ analytics.tiktok.com api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.decibelinsight.net cdn.di-capt.com cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page embed.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run interactive.digitalpfizer.com js.adsrvr.org/ js.intercomcdn.com js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ sdc-ibfw-portal.pfizer.com t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.interactivemanager.pfizer www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.redditstatic.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com global.acs.prismaaccess.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactive.digitalpfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ uploads.interactivity.brightcove.com web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.interactivemanager.pfizer www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.digitalpfizer.com
assets.adobedtm.com
cm.everesttech.net
dpm.demdex.net
ms-forms-service-production.digitalpfizer.com
pfizer.demdex.net
pfizerforall.com
smetrics.pfizerforall.com
sync.graph.bluecava.com
www.pfizerforall.com
assets.adobedtm.com
143.204.215.7
2606:4700:4400::6812:2396
2606:4700:4400::6812:23d6
2a02:26f0:3500:58c::1e80
34.248.127.197
35.241.19.70
52.18.168.199
52.31.110.142
63.140.62.17
002717e7ff92692b7f1092abe4721425af38c23620ccb9d7b9e779d5cad56a75
003b48783206eb62d337684db5c0f092f8a90fffd3554d5d3705f291bf9ab895
01b73b1e99f9d5e9b36ca5274380241e18189cd236113df985cd3e5534fa0526
025be9e4fac0ff8e71387e32ddf38b4124326b625a2a891d8f34cb08d7ffdc23
02d5c81b1dfaadd508f038a89472f13bdb0de462a8ac05c52d89c343fc9909f1
070b7c4d3bfb90944e580d1efe277b0e20e36ade116cb0d36f5cfefa38290e03
074b92e371e23145924c5503d488d09c6b7292ec2e2932cdd2a7dc20b816d38f
0b70902eb10ab805abd95f711555c74f763e66d8396b204e8e8245627f5533c0
0b75950304a33fadd2a97fbd0548c469791e624ef7528c96c28d9c193df31b1f
0df5d1ad0e8d8e9fc311d8ba6dc9e163ca73411c0eb60db294628e31c58b4f7d
111012f922855b9a1e0402690d21eef8c990213c1d6fa2df6e6a66dd7f6a6c82
12db06acc0cdfd4bc10589d7154c3202da0902f75d47095ff075fea8cd3cf73f
1ac3748d059d48c83a8e011d28b09146d54b177f662e196b56a362b75de5b7bf
2103e1dea3313151226fb557de2d8dfdd02cc8211139c1b3a162eb5575aceef4
23bfa43adb8326e4261ad02b177172e7650f9b094841c6df513bfe5a9a44d9f2
26796aabec40ec363bf53d2812f301e749b0bdd5ae176ae687f165be4817fcdd
2d689357449bb763191188ad1b9fb35d0b2276c04282042ad022060353796842
30112037dc15a0248b3123a85d5d27a2f4757d1de5b3cf426a5299baaa8cecfa
3096f0b1a39a9112c33129afcb3782856871d3c99c734b5ade0f94b1085a2edb
32895c2688e7b007eb89c0a25a074a13c09fd911068c556407ee50b188a7a0ce
332732870ea1e006d58a8279e925058619b2c73cfe01d1c7208bafef77e81a1f
354928e6ad631a70e15819cb6202d1a733a30c0fb27faf9dcc10990589c27cf3
44c80cce6be5ed5260ee60e2cbd99dd32196fd37946def676c6a602a3037856b
4678bd109864b10bf2f908339e62ecc5598165dc0a23e7d9edb7c12d3d928282
4e57ac9a6ff3d0824fe70d1b5164940b86c774f688518fa0eb9b752ceef35872
50f25128babd9aceb48ca425c8a247195867d2eb22aefbfb460b3303ccb18101
550f00851cefc14ed06a6d1d38e567149330b18e4d4eab91501e89e4b6f6e7fb
55a04ca5f985ae44d6bad81581900045abfec1d8616d432e70d382a2531a9dff
57c0e9f1b498be04594dcbd8f5a50378d8e9150b1a4b3f5f392d200ba2437fc5
5990aacddb433d2f33f837fadcd6daa7b2103ee4b14c5a2c1052839bc4c97ff3
5a6606b5cc28b2e224902191d2a9354adde557ea0d4e95446f360f7cffcf9e85
5c4c8392842fc3c219ad333cbe866bf85357ee5c750ffc484ed92bd862127c8f
60979d592d9200533095482425240213e5a5ba1d3b1b7737633757bb3a00b8e6
60f1486f0aefd25dff56a7212049b90503ec41f1f6aa6ce15b24c14f5bbd1cfb
621fbab5baf6954202030258e782944e334aa1a072b7c0b825f16da63caf8b9e
6478388c645c45e3c593dd021a8916426c4501af57a99c80638fef3908ff5592
660e0cd96b851568d2786ac74740cb3f459b716d7f0d1a530afb2736361a66b9
663a378cd56a6454d86e045bc95f14920f640ec82eafbc6b04768d1af5d897d4
6b0d0f73c9e7dbe8ce00f9681f436de0df0406b10514cd34ba97d5181021e69b
712884cea2af728deffe1eb0678972ac1c72252fe28241caa98fc2f383cfe68a
7560f76ff53991b9d4ad0d75762f1af86ad36d319e2b02d75297576a11d65c0b
75a8a38a93f3a5e8b44a2281ebae98e3ec9ceb855d6519684ec608d1688a7654
772d58a3a5fac3f7ae868ca03ce0ba821d5257565d90205b2f98fd3ae9e14b8a
7962ad586211bc937ca6b9e0d40dfe969abe41843337d4ed5527d0eacf36d39d
7c1a2932e99c472d230373137efa8f12a15f3d27491377f06a69126f3c1881b8
7e7218fdb1844267b91ebf8f5b3b1cedc210b9356c994bae808093696ad64d2f
7fe2e4cea59bf4863a0e098c3b83bbef9781186dabb69f701cbab437c5b18039
82369f4c6d017464bb690c075cb3a36b00064b877a41e70bd9d48b9cc468da12
83785f81cfbfdae41e13346f034fed4a5ad84b043ca7b330081e3257f7960466
87aa72e508452c32a33cebb50465993412ee17616695928cf3c7b0f79d91681c
88102d1d8385b24364033c3375d6d580c6a9a62fd723c974807db03786ac70fc
8cb507ff66541e40ad9b6575f4707961958f6b7f6ff3aade75774d87f6665000
9450dea54c726a07be3fdfa70217e1a7a32cbc1301c94d7e0ccc4813fe5eace4
9cdb8c06fe4ac45d3ff22f07f844f2532ae85420da387b63b49a25f71ba557ee
9f7accc3686e1b0c033ef07b7625e48a86e2b8758f093ccf3b078b7c4a6689d9
9f8b6d72cf37a3cfd1d13079d707736647d7eb26cca1b295d4b766aa3e3f8122
a0757321f974527bda3cc2593bf56cc7ffe4578421249ced6ae49ffb1c529f90
a1bd1d23d51b8ce498b5e69be277148909f669b51dd13848f5f1f80e10d8dc38
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4eb6cf0bbe627690ca359e51733d94aa5d8b8b286351f223faf80cae5305f10
a641b60226c712abfb6cd9f2cf28668470b99ae699b663aeebf6dc1cc94a7c49
a690c72577af8f1e5adf201260f3b81cfe56a6c689969ba31e506c8083acb610
a7cf0dd6f072d94cca7507e32cdbd943dd5e1f32ccb4cc9c11961b4976adbb86
a80c159f96b8e00d3b0a2730d71e31eb905d94354e94bfb0199f10e565d7de8a
a85195ea9e6abc960e5a8429c546229d263b53237b8ee756a9d712459db0de06
b39d81065cb59702c9a59b7d3ea2d3779380488f882ea5b72c5d6d81a1a9d876
b86ed5e9a7cde440093e6ff1d3667096b5515c3c80c0ea56844e760ebc5029e9
bc325f8cdeb9ba233226feca3535666455a8ec3410f72f97c0bc9a6ceb0823b0
be1f0546417daca6baf9820ba0db025f97dcf800f633a235202b1251a84ab9ec
bf6e87f33f965d29b4f355e093d72d4377d33efdd8280f3969353b3ce0cace71
c3c9c91c7b4727cc88d645fe1ec648f955d2ad67ae47d748b732bfa5fbe726c8
c494522dbacc3ebe700830b0663fc539d9faede84cbe1c4bc03203746ea0379b
c59aedc3e7b041b7ac5b6d65bf90c8aef7f93a5b3cb909a4ef552a5d6e3c1c5e
c947368367e26ee028da8329301afd63647a7b17bda2582d95f3f454df9a3a19
cbc8302498077001d6b68303dafc7e84d52e1dfbb1c7d6e606d816abf3e86978
d0d79bd378184ac9a9527a9ace73d9a2cfad7e96e1fa71fd1711b8ee2404732a
d1edf3ad2e376595102271ab2fa7488267107b032d436b636e3049b79865c395
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
d359a3c211bb10fe3e41a1c16d110a6431e42bf243ad5e2d7c76b8e1bdc54386
d4b760964fe5ffd42fc96cf43fbea136ec0c51911df1f907dac32530dee00c03
d843badb9fe947366c8ce9b8506f92df92ff8d5c44673c4b0af12b2562cab338
d9070fca8da71dff697cd655efad81661cf87bd368043c8f541356a811129ced
dc8fbc16bf579dd292c59971f4c38e9490d5707b2fc5115458d4dbd93773506a
dcf8f68021b5c38ed802dbbe87e4bdd55e0d35e1ea2b912e5ac7b79421663a83
dd41efc28e164fa0523cb704486d6de6b36a783708036fd84bb742097e3dc5d0
dd6634152b4947c7d0ea5cc17bb0025a9eb45e47b61c1546e812b829740fca00
e723c835006e69ef524890a80338f7c2cfb503c9aeb49d65db0f648d5bbd8cd3
ec406fcb627646370d5dbc20527de851e28e0bab93e66dbe5d82c095b7974f5d
eddfeb7884af2a60f5127db326159e31ea8bc5c52787b3eafdad034dcde0f3fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb6b86d0451b5564486a0cfdcb045a092575b4a976f0aabd2ffea9f60f5c5a6
effe80f83263895e1325ba0a92cba15369bef2a4c574c6da27ab28bafc51787e
f371c27b46a29db58e9f0f8b9ac54fd106b4be4d1c90ef301ec7d6d8c5643cd6
f5c791ccda7995237bcbb6df25d7abb7c5dafafebe8d2c0d98443fa21e952f0e
f5d19e8e66278d5ff26fa9297ba9a6f192b46e851b953eded343e435a1ed200c