urlscan.io logo urlscan.io
SecurityTrails logo

sutent.pfizerapps.com Open in urlscan Pro
104.18.42.224  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sutent.pfizerapps.com/
Effective URL: https://sutent.pfizerapps.com/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On November 27 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 104.18.42.224, located in and belongs to CLOUDFLARENET, US. The main domain is sutent.pfizerapps.com.
TLS certificate: Issued by E1 on November 27th 2023. Valid for: 3 months.
This is the only time sutent.pfizerapps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.64.145.32 13335 (CLOUDFLAR...)
11 104.18.42.224 13335 (CLOUDFLAR...)
1 104.16.250.67 13335 (CLOUDFLAR...)
1 151.101.2.137 54113 (FASTLY)
3 23.213.165.28 16625 (AKAMAI-AS)
1 142.250.186.42 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
1 104.17.184.88 13335 (CLOUDFLAR...)
20 8
1    172.64.145.32 (United States)

ASN13335 (CLOUDFLARENET, US)
sutent.pfizerapps.com
11    104.18.42.224 (None, )

ASN13335 (CLOUDFLARENET, US)
sutent.pfizerapps.com
1    104.16.250.67 (None, )

ASN13335 (CLOUDFLARENET, US)
fast.fonts.net
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    23.213.165.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-28.deploy.static.akamaitechnologies.com
assets.adobedtm.com
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
1    104.17.184.88 (None, )

ASN13335 (CLOUDFLARENET, US)
pfeprod.report-uri.com
Apex Domain
Subdomains		 Transfer
12 pfizerapps.com
sutent.pfizerapps.com
794 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 466
17 KB
1 report-uri.com
pfeprod.report-uri.com — Cisco Umbrella Rank: 391069
580 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
994 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
30 KB
1 fonts.net
fast.fonts.net — Cisco Umbrella Rank: 3883
0 amazonaws.com Failed
s3.amazonaws.com Failed
20 8
Domain Requested by
12 sutent.pfizerapps.com 1 redirects sutent.pfizerapps.com
3 assets.adobedtm.com sutent.pfizerapps.com
assets.adobedtm.com
1 pfeprod.report-uri.com assets.adobedtm.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com sutent.pfizerapps.com
1 code.jquery.com sutent.pfizerapps.com
1 fast.fonts.net sutent.pfizerapps.com
0 s3.amazonaws.com Failed assets.adobedtm.com
20 8

This site contains no links.

Subject Issuer Validity Valid
pfizerapps.com
E1		 2023-11-27 -
2024-02-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-05 -
2024-05-04		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
report-uri.com
E1		 2023-09-30 -
2023-12-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://sutent.pfizerapps.com/
Frame ID: 588F04039FBAD08F6654C8A34B08C0E5
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Calculadora de Riesgo cardiovascular a 10 aƱos

Page URL History Show full URLs

  1. http://sutent.pfizerapps.com/ HTTP 301
    https://sutent.pfizerapps.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

858 kB
Transfer

1012 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sutent.pfizerapps.com/ HTTP 301
    https://sutent.pfizerapps.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sutent.pfizerapps.com/
Redirect Chain
  • http://sutent.pfizerapps.com/
  • https://sutent.pfizerapps.com/
12 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc9743a7a330c563cf7e2b468ee270084369704c977988abe82184c837c436c
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: https: https://api2.fonts.com/; child-src 'self' blob:; connect-src 'self' *.addthis.com *.akafms.net *.akamaihd.net *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.digitalpfizer.com *.digitalpfizer.com.cn *.evidon.com *.force.com *.hapyak.com *.hotjar.com *.hotjar.io *.kampyle.com *.llnw.net *.llnwd.net *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.thunderhead.com 1vrf04rusa.execute-api.eu-west-1.amazonaws.com 223i44638a.execute-api.eu-west-1.amazonaws.com 6q7zxrfi35.execute-api.eu-west-1.amazonaws.com acsbapp.com appsapi.veinteractive.com/api bam.nr-data.net blob: c.az.contentsquare.net/v2 cdn.acsbapp.com cdn.cookielaw.org cdn.linkedin.oribi.io code.jquery.com cookiee1.veinteractive.com/api d2qrdklrsxowl2.cloudfront.net dpm.demdex.net drs2.veinteractive.com geoip-js.maxmind.com/geoip/v2.1/country geolocation.onetrust.com/ house-cloudfront.ap-northeast-1.prod.boltdns.net house-cloudfront.ap-southeast-1.prod.boltdns.net house-cloudfront.ap-southeast-2.prod.boltdns.net house-cloudfront.eu-west-1.prod.boltdns.net house-cloudfront.us-east-1.prod.boltdns.net js-agent.newrelic.com l.betrad.com loremflickr.com manifest.prod.boltdns.net maps.googleapis.com metrics.articulate.com newton-api.eu.cloudhub.io pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com pfizer-privacy.my.onetrust.com/ pfizer.sc.omtrdc.net sessionapi.veinteractive.com sitecatalyst.omniture.com/sc15/activitymap storybook.js.org tagmanager.google.com vlswbkfag3.execute-api.eu-west-1.amazonaws.com web1.acsbapp.com wss: www.facebook.com www.google-analytics.com; frame-ancestors 'self' *.hapyak.com; frame-src 'self' *.digitalpfizer.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.youtube.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ bid.g.doubleclick.net blob: config1.veinteractive.com d2qrdklrsxowl2.cloudfront.net hapyak-assets.s3.amazonaws.com interactivity-uploads.s3.us-east-1.amazonaws.com/ l3.evidon.com pfizer-grv.janrainsso.com pfizer.demdex.net pfizergrv-qa.janrainsso.com platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net resources.interactivity.brightcove.com sketchfab.com staticxx.facebook.com syndication.twitter.com td.doubleclick.net/ v5.organimi.com vars.hotjar.com where-to-buy.co www.facebook.com www.google.com/maps www.medtargetsystem.com/; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.akafms.net *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.llnw.net *.llnwd.net *.media.brightcove.com *.secure.brightcove.com blob: data: manifest.prod.boltdns.net; object-src 'self' players.brightcove.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudflare.com/cdn-cgi/scripts *.cloudfront.net/js/hapyak.js *.cloudfront.net/js/partners/brightcovePlugin *.digitalpfizer.com *.digitalpfizer.com.cn *.edison.sh *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizer.com.cn *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.thunderhead.com *.youtube.com a.volvelle.tech acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com/ajax/libs/webfont/* analytics.twitter.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net blob: c.betrad.com c.evidon.com cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com config1.veinteractive.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js d2qrdklrsxowl2.cloudfront.net fast.fonts.net/jsapi geolocation.onetrust.com/ googleads.g.doubleclick.net js-agent.newrelic.com js.maxmind.com/js/apis/geoip2/v2.1 l.evidon.com maps.googleapis.com/maps-api-v3/api/js/ maps.googleapis.com/maps/api/js maxcdn.bootstrapcdn.com pfcopayoffers-stage.pfizersite.io platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net px.ads.linkedin.com px.veinteractive.com s.ytimg.com/yts/jsbin s3-eu-west-1.amazonaws.com s3.amazonaws.com/docs.gcs.digitalpfizer.com s3.amazonaws.com/pfe_im sadmin.brightcove.com/js snap.licdn.com ssl.google-analytics.com static.ads-twitter.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com/sodar vjs.zencdn.net www.geoplugin.net www.google-analytics.com www.googleadservices.com/pagead www.googletagmanager.com www.gstatic.com/charts; style-src 'self' 'unsafe-inline' https:; worker-src 'self' blob:; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
public, max-age=14400
cf-cache-status
MISS
cf-ray
82c7a45e89e43753-MXP
content-encoding
br
content-security-policy
font-src 'self' data: https: https://api2.fonts.com/; child-src 'self' blob:; connect-src 'self' *.addthis.com *.akafms.net *.akamaihd.net *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.digitalpfizer.com *.digitalpfizer.com.cn *.evidon.com *.force.com *.hapyak.com *.hotjar.com *.hotjar.io *.kampyle.com *.llnw.net *.llnwd.net *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.thunderhead.com 1vrf04rusa.execute-api.eu-west-1.amazonaws.com 223i44638a.execute-api.eu-west-1.amazonaws.com 6q7zxrfi35.execute-api.eu-west-1.amazonaws.com acsbapp.com appsapi.veinteractive.com/api bam.nr-data.net blob: c.az.contentsquare.net/v2 cdn.acsbapp.com cdn.cookielaw.org cdn.linkedin.oribi.io code.jquery.com cookiee1.veinteractive.com/api d2qrdklrsxowl2.cloudfront.net dpm.demdex.net drs2.veinteractive.com geoip-js.maxmind.com/geoip/v2.1/country geolocation.onetrust.com/ house-cloudfront.ap-northeast-1.prod.boltdns.net house-cloudfront.ap-southeast-1.prod.boltdns.net house-cloudfront.ap-southeast-2.prod.boltdns.net house-cloudfront.eu-west-1.prod.boltdns.net house-cloudfront.us-east-1.prod.boltdns.net js-agent.newrelic.com l.betrad.com loremflickr.com manifest.prod.boltdns.net maps.googleapis.com metrics.articulate.com newton-api.eu.cloudhub.io pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com pfizer-privacy.my.onetrust.com/ pfizer.sc.omtrdc.net sessionapi.veinteractive.com sitecatalyst.omniture.com/sc15/activitymap storybook.js.org tagmanager.google.com vlswbkfag3.execute-api.eu-west-1.amazonaws.com web1.acsbapp.com wss: www.facebook.com www.google-analytics.com; frame-ancestors 'self' *.hapyak.com; frame-src 'self' *.digitalpfizer.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.youtube.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ bid.g.doubleclick.net blob: config1.veinteractive.com d2qrdklrsxowl2.cloudfront.net hapyak-assets.s3.amazonaws.com interactivity-uploads.s3.us-east-1.amazonaws.com/ l3.evidon.com pfizer-grv.janrainsso.com pfizer.demdex.net pfizergrv-qa.janrainsso.com platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net resources.interactivity.brightcove.com sketchfab.com staticxx.facebook.com syndication.twitter.com td.doubleclick.net/ v5.organimi.com vars.hotjar.com where-to-buy.co www.facebook.com www.google.com/maps www.medtargetsystem.com/; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.akafms.net *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.llnw.net *.llnwd.net *.media.brightcove.com *.secure.brightcove.com blob: data: manifest.prod.boltdns.net; object-src 'self' players.brightcove.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudflare.com/cdn-cgi/scripts *.cloudfront.net/js/hapyak.js *.cloudfront.net/js/partners/brightcovePlugin *.digitalpfizer.com *.digitalpfizer.com.cn *.edison.sh *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizer.com.cn *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.thunderhead.com *.youtube.com a.volvelle.tech acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com/ajax/libs/webfont/* analytics.twitter.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net blob: c.betrad.com c.evidon.com cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com config1.veinteractive.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js d2qrdklrsxowl2.cloudfront.net fast.fonts.net/jsapi geolocation.onetrust.com/ googleads.g.doubleclick.net js-agent.newrelic.com js.maxmind.com/js/apis/geoip2/v2.1 l.evidon.com maps.googleapis.com/maps-api-v3/api/js/ maps.googleapis.com/maps/api/js maxcdn.bootstrapcdn.com pfcopayoffers-stage.pfizersite.io platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net px.ads.linkedin.com px.veinteractive.com s.ytimg.com/yts/jsbin s3-eu-west-1.amazonaws.com s3.amazonaws.com/docs.gcs.digitalpfizer.com s3.amazonaws.com/pfe_im sadmin.brightcove.com/js snap.licdn.com ssl.google-analytics.com static.ads-twitter.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com/sodar vjs.zencdn.net www.geoplugin.net www.google-analytics.com www.googleadservices.com/pagead www.googletagmanager.com www.gstatic.com/charts; style-src 'self' 'unsafe-inline' https:; worker-src 'self' blob:; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-type
text/html
date
Mon, 27 Nov 2023 04:31:33 GMT
expires
Mon, 27 Nov 2023 08:31:33 GMT
last-modified
Fri, 29 Sep 2023 04:22:27 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-edison-type
Lite
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
82c7a45b4cf859ef-MXP
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 27 Nov 2023 04:31:31 GMT
Expires
Mon, 27 Nov 2023 05:31:31 GMT
Location
https://sutent.pfizerapps.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
77eb9968-b3e2-494f-8361-46c095c0cde6.css
fast.fonts.net/cssapi/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/cssapi/77eb9968-b3e2-494f-8361-46c095c0cde6.css
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.250.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://sutent.pfizerapps.com/
Origin
https://sutent.pfizerapps.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2604806
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga13628-LGA, cache-mxp6961-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701059494.604148,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
17, 277898
main.css
sutent.pfizerapps.com/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sutent.pfizerapps.com/css/main.css
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91209f2c121e2ae7d35caf5131ca2c337d9cfda6d36cf720cf654c88f0311cf6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 29 Sep 2023 04:22:26 GMT
server
cloudflare
etag
W/"93896add7e64e840398daac4e2b04ef0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
82c7a467cbc23753-MXP
x-edison-type
Lite
expires
Mon, 27 Nov 2023 08:31:33 GMT
main.js
sutent.pfizerapps.com/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sutent.pfizerapps.com/js/main.js
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8daeb1671d9c87e25191f6ec7650504313cb64315a41e4ca9dd854df2c956821
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: https: https://api2.fonts.com/; child-src 'self' blob:; connect-src 'self' *.addthis.com *.akafms.net *.akamaihd.net *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.digitalpfizer.com *.digitalpfizer.com.cn *.evidon.com *.force.com *.hapyak.com *.hotjar.com *.hotjar.io *.kampyle.com *.llnw.net *.llnwd.net *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.thunderhead.com 1vrf04rusa.execute-api.eu-west-1.amazonaws.com 223i44638a.execute-api.eu-west-1.amazonaws.com 6q7zxrfi35.execute-api.eu-west-1.amazonaws.com acsbapp.com appsapi.veinteractive.com/api bam.nr-data.net blob: c.az.contentsquare.net/v2 cdn.acsbapp.com cdn.cookielaw.org cdn.linkedin.oribi.io code.jquery.com cookiee1.veinteractive.com/api d2qrdklrsxowl2.cloudfront.net dpm.demdex.net drs2.veinteractive.com geoip-js.maxmind.com/geoip/v2.1/country geolocation.onetrust.com/ house-cloudfront.ap-northeast-1.prod.boltdns.net house-cloudfront.ap-southeast-1.prod.boltdns.net house-cloudfront.ap-southeast-2.prod.boltdns.net house-cloudfront.eu-west-1.prod.boltdns.net house-cloudfront.us-east-1.prod.boltdns.net js-agent.newrelic.com l.betrad.com loremflickr.com manifest.prod.boltdns.net maps.googleapis.com metrics.articulate.com newton-api.eu.cloudhub.io pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com pfizer-privacy.my.onetrust.com/ pfizer.sc.omtrdc.net sessionapi.veinteractive.com sitecatalyst.omniture.com/sc15/activitymap storybook.js.org tagmanager.google.com vlswbkfag3.execute-api.eu-west-1.amazonaws.com web1.acsbapp.com wss: www.facebook.com www.google-analytics.com; frame-ancestors 'self' *.hapyak.com; frame-src 'self' *.digitalpfizer.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.youtube.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ bid.g.doubleclick.net blob: config1.veinteractive.com d2qrdklrsxowl2.cloudfront.net hapyak-assets.s3.amazonaws.com interactivity-uploads.s3.us-east-1.amazonaws.com/ l3.evidon.com pfizer-grv.janrainsso.com pfizer.demdex.net pfizergrv-qa.janrainsso.com platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net resources.interactivity.brightcove.com sketchfab.com staticxx.facebook.com syndication.twitter.com td.doubleclick.net/ v5.organimi.com vars.hotjar.com where-to-buy.co www.facebook.com www.google.com/maps www.medtargetsystem.com/; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.akafms.net *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.llnw.net *.llnwd.net *.media.brightcove.com *.secure.brightcove.com blob: data: manifest.prod.boltdns.net; object-src 'self' players.brightcove.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudflare.com/cdn-cgi/scripts *.cloudfront.net/js/hapyak.js *.cloudfront.net/js/partners/brightcovePlugin *.digitalpfizer.com *.digitalpfizer.com.cn *.edison.sh *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizer.com.cn *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.thunderhead.com *.youtube.com a.volvelle.tech acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com/ajax/libs/webfont/* analytics.twitter.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net blob: c.betrad.com c.evidon.com cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com config1.veinteractive.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js d2qrdklrsxowl2.cloudfront.net fast.fonts.net/jsapi geolocation.onetrust.com/ googleads.g.doubleclick.net js-agent.newrelic.com js.maxmind.com/js/apis/geoip2/v2.1 l.evidon.com maps.googleapis.com/maps-api-v3/api/js/ maps.googleapis.com/maps/api/js maxcdn.bootstrapcdn.com pfcopayoffers-stage.pfizersite.io platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net px.ads.linkedin.com px.veinteractive.com s.ytimg.com/yts/jsbin s3-eu-west-1.amazonaws.com s3.amazonaws.com/docs.gcs.digitalpfizer.com s3.amazonaws.com/pfe_im sadmin.brightcove.com/js snap.licdn.com ssl.google-analytics.com static.ads-twitter.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com/sodar vjs.zencdn.net www.geoplugin.net www.google-analytics.com www.googleadservices.com/pagead www.googletagmanager.com www.gstatic.com/charts; style-src 'self' 'unsafe-inline' https:; worker-src 'self' blob:; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-security-policy
font-src 'self' data: https: https://api2.fonts.com/; child-src 'self' blob:; connect-src 'self' *.addthis.com *.akafms.net *.akamaihd.net *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.digitalpfizer.com *.digitalpfizer.com.cn *.evidon.com *.force.com *.hapyak.com *.hotjar.com *.hotjar.io *.kampyle.com *.llnw.net *.llnwd.net *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.thunderhead.com 1vrf04rusa.execute-api.eu-west-1.amazonaws.com 223i44638a.execute-api.eu-west-1.amazonaws.com 6q7zxrfi35.execute-api.eu-west-1.amazonaws.com acsbapp.com appsapi.veinteractive.com/api bam.nr-data.net blob: c.az.contentsquare.net/v2 cdn.acsbapp.com cdn.cookielaw.org cdn.linkedin.oribi.io code.jquery.com cookiee1.veinteractive.com/api d2qrdklrsxowl2.cloudfront.net dpm.demdex.net drs2.veinteractive.com geoip-js.maxmind.com/geoip/v2.1/country geolocation.onetrust.com/ house-cloudfront.ap-northeast-1.prod.boltdns.net house-cloudfront.ap-southeast-1.prod.boltdns.net house-cloudfront.ap-southeast-2.prod.boltdns.net house-cloudfront.eu-west-1.prod.boltdns.net house-cloudfront.us-east-1.prod.boltdns.net js-agent.newrelic.com l.betrad.com loremflickr.com manifest.prod.boltdns.net maps.googleapis.com metrics.articulate.com newton-api.eu.cloudhub.io pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com pfizer-privacy.my.onetrust.com/ pfizer.sc.omtrdc.net sessionapi.veinteractive.com sitecatalyst.omniture.com/sc15/activitymap storybook.js.org tagmanager.google.com vlswbkfag3.execute-api.eu-west-1.amazonaws.com web1.acsbapp.com wss: www.facebook.com www.google-analytics.com; frame-ancestors 'self' *.hapyak.com; frame-src 'self' *.digitalpfizer.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.youtube.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ bid.g.doubleclick.net blob: config1.veinteractive.com d2qrdklrsxowl2.cloudfront.net hapyak-assets.s3.amazonaws.com interactivity-uploads.s3.us-east-1.amazonaws.com/ l3.evidon.com pfizer-grv.janrainsso.com pfizer.demdex.net pfizergrv-qa.janrainsso.com platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net resources.interactivity.brightcove.com sketchfab.com staticxx.facebook.com syndication.twitter.com td.doubleclick.net/ v5.organimi.com vars.hotjar.com where-to-buy.co www.facebook.com www.google.com/maps www.medtargetsystem.com/; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.akafms.net *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.llnw.net *.llnwd.net *.media.brightcove.com *.secure.brightcove.com blob: data: manifest.prod.boltdns.net; object-src 'self' players.brightcove.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudflare.com/cdn-cgi/scripts *.cloudfront.net/js/hapyak.js *.cloudfront.net/js/partners/brightcovePlugin *.digitalpfizer.com *.digitalpfizer.com.cn *.edison.sh *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizer.com.cn *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.thunderhead.com *.youtube.com a.volvelle.tech acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com/ajax/libs/webfont/* analytics.twitter.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net blob: c.betrad.com c.evidon.com cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com config1.veinteractive.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js d2qrdklrsxowl2.cloudfront.net fast.fonts.net/jsapi geolocation.onetrust.com/ googleads.g.doubleclick.net js-agent.newrelic.com js.maxmind.com/js/apis/geoip2/v2.1 l.evidon.com maps.googleapis.com/maps-api-v3/api/js/ maps.googleapis.com/maps/api/js maxcdn.bootstrapcdn.com pfcopayoffers-stage.pfizersite.io platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net px.ads.linkedin.com px.veinteractive.com s.ytimg.com/yts/jsbin s3-eu-west-1.amazonaws.com s3.amazonaws.com/docs.gcs.digitalpfizer.com s3.amazonaws.com/pfe_im sadmin.brightcove.com/js snap.licdn.com ssl.google-analytics.com static.ads-twitter.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com/sodar vjs.zencdn.net www.geoplugin.net www.google-analytics.com www.googleadservices.com/pagead www.googletagmanager.com www.gstatic.com/charts; style-src 'self' 'unsafe-inline' https:; worker-src 'self' blob:; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 29 Sep 2023 04:22:28 GMT
server
cloudflare
etag
W/"33d5fe2337da834df4b0dea1b6ac4231"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
82c7a467cbc33753-MXP
x-edison-type
Lite
expires
Mon, 27 Nov 2023 08:31:33 GMT
launch-98b1cfec0142.min.js
assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/launch-98b1cfec0142.min.js
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-28.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
af4ee1f6fbc3b2353ab9d20de41a86651c8db06ed2bf8243d1052d145f994e93

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:36 GMT
content-encoding
gzip
last-modified
Tue, 04 Aug 2020 14:52:47 GMT
server
AkamaiNetStorage
etag
"659b6168640e8dcc68df4f17561041a8:1596552767.915165"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://sutent.pfizerapps.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
15896
expires
Mon, 27 Nov 2023 05:31:36 GMT
Logo.png
sutent.pfizerapps.com/images/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sutent.pfizerapps.com/images/Logo.png
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46ee5f8dabb5ad0d535617f215d94ab059bf8e4076579c3a089e77d727fdbf1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-length
67443
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 29 Sep 2023 04:22:27 GMT
server
cloudflare
etag
"5e40b5ba6e438d3462d22824940609af"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82c7a467cbc43753-MXP
x-edison-type
Lite
expires
Mon, 27 Nov 2023 08:31:33 GMT
loading.gif
sutent.pfizerapps.com/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sutent.pfizerapps.com/images/loading.gif
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0b695064efbafa0143adaef8fe50b747a8d53240a1fe2650d0339c5d9cf1a1f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-length
7684
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 29 Sep 2023 04:22:27 GMT
server
cloudflare
etag
"410e61afeeb47179727935e65240af89"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82c7a467cbc53753-MXP
x-edison-type
Lite
expires
Mon, 27 Nov 2023 08:31:33 GMT
info-red.png
sutent.pfizerapps.com/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sutent.pfizerapps.com/images/info-red.png
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06a6ec06f8ef95621ee100d09234b950b09ba75157266286bb9093786579103e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:34 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-length
13613
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 29 Sep 2023 04:22:27 GMT
server
cloudflare
etag
"be34b09fd0381a85de9a06a704d9516b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82c7a46dbd5e3753-MXP
x-edison-type
Lite
expires
Mon, 27 Nov 2023 08:31:34 GMT
mediocirculo-sp.svg
sutent.pfizerapps.com/images/ 		7 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sutent.pfizerapps.com/images/mediocirculo-sp.svg
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e6a2e07716b5c69eea17787d0b2d9ab9ddc27da86775bf8e39db8de07d17cf
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: https: https://api2.fonts.com/; child-src 'self' blob:; connect-src 'self' *.addthis.com *.akafms.net *.akamaihd.net *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.digitalpfizer.com *.digitalpfizer.com.cn *.evidon.com *.force.com *.hapyak.com *.hotjar.com *.hotjar.io *.kampyle.com *.llnw.net *.llnwd.net *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.thunderhead.com 1vrf04rusa.execute-api.eu-west-1.amazonaws.com 223i44638a.execute-api.eu-west-1.amazonaws.com 6q7zxrfi35.execute-api.eu-west-1.amazonaws.com acsbapp.com appsapi.veinteractive.com/api bam.nr-data.net blob: c.az.contentsquare.net/v2 cdn.acsbapp.com cdn.cookielaw.org cdn.linkedin.oribi.io code.jquery.com cookiee1.veinteractive.com/api d2qrdklrsxowl2.cloudfront.net dpm.demdex.net drs2.veinteractive.com geoip-js.maxmind.com/geoip/v2.1/country geolocation.onetrust.com/ house-cloudfront.ap-northeast-1.prod.boltdns.net house-cloudfront.ap-southeast-1.prod.boltdns.net house-cloudfront.ap-southeast-2.prod.boltdns.net house-cloudfront.eu-west-1.prod.boltdns.net house-cloudfront.us-east-1.prod.boltdns.net js-agent.newrelic.com l.betrad.com loremflickr.com manifest.prod.boltdns.net maps.googleapis.com metrics.articulate.com newton-api.eu.cloudhub.io pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com pfizer-privacy.my.onetrust.com/ pfizer.sc.omtrdc.net sessionapi.veinteractive.com sitecatalyst.omniture.com/sc15/activitymap storybook.js.org tagmanager.google.com vlswbkfag3.execute-api.eu-west-1.amazonaws.com web1.acsbapp.com wss: www.facebook.com www.google-analytics.com; frame-ancestors 'self' *.hapyak.com; frame-src 'self' *.digitalpfizer.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.youtube.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ bid.g.doubleclick.net blob: config1.veinteractive.com d2qrdklrsxowl2.cloudfront.net hapyak-assets.s3.amazonaws.com interactivity-uploads.s3.us-east-1.amazonaws.com/ l3.evidon.com pfizer-grv.janrainsso.com pfizer.demdex.net pfizergrv-qa.janrainsso.com platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net resources.interactivity.brightcove.com sketchfab.com staticxx.facebook.com syndication.twitter.com td.doubleclick.net/ v5.organimi.com vars.hotjar.com where-to-buy.co www.facebook.com www.google.com/maps www.medtargetsystem.com/; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.akafms.net *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.llnw.net *.llnwd.net *.media.brightcove.com *.secure.brightcove.com blob: data: manifest.prod.boltdns.net; object-src 'self' players.brightcove.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudflare.com/cdn-cgi/scripts *.cloudfront.net/js/hapyak.js *.cloudfront.net/js/partners/brightcovePlugin *.digitalpfizer.com *.digitalpfizer.com.cn *.edison.sh *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizer.com.cn *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.thunderhead.com *.youtube.com a.volvelle.tech acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com/ajax/libs/webfont/* analytics.twitter.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net blob: c.betrad.com c.evidon.com cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com config1.veinteractive.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js d2qrdklrsxowl2.cloudfront.net fast.fonts.net/jsapi geolocation.onetrust.com/ googleads.g.doubleclick.net js-agent.newrelic.com js.maxmind.com/js/apis/geoip2/v2.1 l.evidon.com maps.googleapis.com/maps-api-v3/api/js/ maps.googleapis.com/maps/api/js maxcdn.bootstrapcdn.com pfcopayoffers-stage.pfizersite.io platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net px.ads.linkedin.com px.veinteractive.com s.ytimg.com/yts/jsbin s3-eu-west-1.amazonaws.com s3.amazonaws.com/docs.gcs.digitalpfizer.com s3.amazonaws.com/pfe_im sadmin.brightcove.com/js snap.licdn.com ssl.google-analytics.com static.ads-twitter.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com/sodar vjs.zencdn.net www.geoplugin.net www.google-analytics.com www.googleadservices.com/pagead www.googletagmanager.com www.gstatic.com/charts; style-src 'self' 'unsafe-inline' https:; worker-src 'self' blob:; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:35 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-security-policy
font-src 'self' data: https: https://api2.fonts.com/; child-src 'self' blob:; connect-src 'self' *.addthis.com *.akafms.net *.akamaihd.net *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.digitalpfizer.com *.digitalpfizer.com.cn *.evidon.com *.force.com *.hapyak.com *.hotjar.com *.hotjar.io *.kampyle.com *.llnw.net *.llnwd.net *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.thunderhead.com 1vrf04rusa.execute-api.eu-west-1.amazonaws.com 223i44638a.execute-api.eu-west-1.amazonaws.com 6q7zxrfi35.execute-api.eu-west-1.amazonaws.com acsbapp.com appsapi.veinteractive.com/api bam.nr-data.net blob: c.az.contentsquare.net/v2 cdn.acsbapp.com cdn.cookielaw.org cdn.linkedin.oribi.io code.jquery.com cookiee1.veinteractive.com/api d2qrdklrsxowl2.cloudfront.net dpm.demdex.net drs2.veinteractive.com geoip-js.maxmind.com/geoip/v2.1/country geolocation.onetrust.com/ house-cloudfront.ap-northeast-1.prod.boltdns.net house-cloudfront.ap-southeast-1.prod.boltdns.net house-cloudfront.ap-southeast-2.prod.boltdns.net house-cloudfront.eu-west-1.prod.boltdns.net house-cloudfront.us-east-1.prod.boltdns.net js-agent.newrelic.com l.betrad.com loremflickr.com manifest.prod.boltdns.net maps.googleapis.com metrics.articulate.com newton-api.eu.cloudhub.io pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com pfizer-privacy.my.onetrust.com/ pfizer.sc.omtrdc.net sessionapi.veinteractive.com sitecatalyst.omniture.com/sc15/activitymap storybook.js.org tagmanager.google.com vlswbkfag3.execute-api.eu-west-1.amazonaws.com web1.acsbapp.com wss: www.facebook.com www.google-analytics.com; frame-ancestors 'self' *.hapyak.com; frame-src 'self' *.digitalpfizer.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.youtube.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ bid.g.doubleclick.net blob: config1.veinteractive.com d2qrdklrsxowl2.cloudfront.net hapyak-assets.s3.amazonaws.com interactivity-uploads.s3.us-east-1.amazonaws.com/ l3.evidon.com pfizer-grv.janrainsso.com pfizer.demdex.net pfizergrv-qa.janrainsso.com platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net resources.interactivity.brightcove.com sketchfab.com staticxx.facebook.com syndication.twitter.com td.doubleclick.net/ v5.organimi.com vars.hotjar.com where-to-buy.co www.facebook.com www.google.com/maps www.medtargetsystem.com/; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.akafms.net *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.llnw.net *.llnwd.net *.media.brightcove.com *.secure.brightcove.com blob: data: manifest.prod.boltdns.net; object-src 'self' players.brightcove.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudflare.com/cdn-cgi/scripts *.cloudfront.net/js/hapyak.js *.cloudfront.net/js/partners/brightcovePlugin *.digitalpfizer.com *.digitalpfizer.com.cn *.edison.sh *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizer.com.cn *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.thunderhead.com *.youtube.com a.volvelle.tech acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com/ajax/libs/webfont/* analytics.twitter.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net blob: c.betrad.com c.evidon.com cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com config1.veinteractive.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js d2qrdklrsxowl2.cloudfront.net fast.fonts.net/jsapi geolocation.onetrust.com/ googleads.g.doubleclick.net js-agent.newrelic.com js.maxmind.com/js/apis/geoip2/v2.1 l.evidon.com maps.googleapis.com/maps-api-v3/api/js/ maps.googleapis.com/maps/api/js maxcdn.bootstrapcdn.com pfcopayoffers-stage.pfizersite.io platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net px.ads.linkedin.com px.veinteractive.com s.ytimg.com/yts/jsbin s3-eu-west-1.amazonaws.com s3.amazonaws.com/docs.gcs.digitalpfizer.com s3.amazonaws.com/pfe_im sadmin.brightcove.com/js snap.licdn.com ssl.google-analytics.com static.ads-twitter.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com/sodar vjs.zencdn.net www.geoplugin.net www.google-analytics.com www.googleadservices.com/pagead www.googletagmanager.com www.gstatic.com/charts; style-src 'self' 'unsafe-inline' https:; worker-src 'self' blob:; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 29 Sep 2023 04:22:27 GMT
server
cloudflare
etag
W/"689f04eb233dc2ea5eebea65d16938a7"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
82c7a472ceab3753-MXP
x-edison-type
Lite
expires
Mon, 27 Nov 2023 08:31:35 GMT
flecha-negra-alcero.png
sutent.pfizerapps.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sutent.pfizerapps.com/images/flecha-negra-alcero.png
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cd4e35e9cffed3a9bedddf2d0c9f8e7077e61d2842db4bd5c30e277bca7f99e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:35 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-length
1140
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 29 Sep 2023 04:22:27 GMT
server
cloudflare
etag
"e8a682480fef6b3061e09cca1c6bd834"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82c7a472ceac3753-MXP
x-edison-type
Lite
expires
Mon, 27 Nov 2023 08:31:35 GMT
load.gif
sutent.pfizerapps.com/images/ 		518 KB
519 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sutent.pfizerapps.com/images/load.gif
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
367d568a88eceae9ad5a5b4054109138a395d99d8fd48151077008a386aa87a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:35 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-length
530293
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 29 Sep 2023 04:22:27 GMT
server
cloudflare
etag
"ee18c488158af9f5fc0a77e1b2b34c7e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82c7a472cead3753-MXP
x-edison-type
Lite
expires
Mon, 27 Nov 2023 08:31:35 GMT
t1_sp.svg
sutent.pfizerapps.com/images/ 		47 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sutent.pfizerapps.com/images/t1_sp.svg
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf380ad5a3eaa840e1a4776ac0a4bd0bd819bac636a2d0e83788e9073297df22
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: https: https://api2.fonts.com/; child-src 'self' blob:; connect-src 'self' *.addthis.com *.akafms.net *.akamaihd.net *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.digitalpfizer.com *.digitalpfizer.com.cn *.evidon.com *.force.com *.hapyak.com *.hotjar.com *.hotjar.io *.kampyle.com *.llnw.net *.llnwd.net *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.thunderhead.com 1vrf04rusa.execute-api.eu-west-1.amazonaws.com 223i44638a.execute-api.eu-west-1.amazonaws.com 6q7zxrfi35.execute-api.eu-west-1.amazonaws.com acsbapp.com appsapi.veinteractive.com/api bam.nr-data.net blob: c.az.contentsquare.net/v2 cdn.acsbapp.com cdn.cookielaw.org cdn.linkedin.oribi.io code.jquery.com cookiee1.veinteractive.com/api d2qrdklrsxowl2.cloudfront.net dpm.demdex.net drs2.veinteractive.com geoip-js.maxmind.com/geoip/v2.1/country geolocation.onetrust.com/ house-cloudfront.ap-northeast-1.prod.boltdns.net house-cloudfront.ap-southeast-1.prod.boltdns.net house-cloudfront.ap-southeast-2.prod.boltdns.net house-cloudfront.eu-west-1.prod.boltdns.net house-cloudfront.us-east-1.prod.boltdns.net js-agent.newrelic.com l.betrad.com loremflickr.com manifest.prod.boltdns.net maps.googleapis.com metrics.articulate.com newton-api.eu.cloudhub.io pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com pfizer-privacy.my.onetrust.com/ pfizer.sc.omtrdc.net sessionapi.veinteractive.com sitecatalyst.omniture.com/sc15/activitymap storybook.js.org tagmanager.google.com vlswbkfag3.execute-api.eu-west-1.amazonaws.com web1.acsbapp.com wss: www.facebook.com www.google-analytics.com; frame-ancestors 'self' *.hapyak.com; frame-src 'self' *.digitalpfizer.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.youtube.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ bid.g.doubleclick.net blob: config1.veinteractive.com d2qrdklrsxowl2.cloudfront.net hapyak-assets.s3.amazonaws.com interactivity-uploads.s3.us-east-1.amazonaws.com/ l3.evidon.com pfizer-grv.janrainsso.com pfizer.demdex.net pfizergrv-qa.janrainsso.com platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net resources.interactivity.brightcove.com sketchfab.com staticxx.facebook.com syndication.twitter.com td.doubleclick.net/ v5.organimi.com vars.hotjar.com where-to-buy.co www.facebook.com www.google.com/maps www.medtargetsystem.com/; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.akafms.net *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.llnw.net *.llnwd.net *.media.brightcove.com *.secure.brightcove.com blob: data: manifest.prod.boltdns.net; object-src 'self' players.brightcove.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudflare.com/cdn-cgi/scripts *.cloudfront.net/js/hapyak.js *.cloudfront.net/js/partners/brightcovePlugin *.digitalpfizer.com *.digitalpfizer.com.cn *.edison.sh *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizer.com.cn *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.thunderhead.com *.youtube.com a.volvelle.tech acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com/ajax/libs/webfont/* analytics.twitter.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net blob: c.betrad.com c.evidon.com cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com config1.veinteractive.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js d2qrdklrsxowl2.cloudfront.net fast.fonts.net/jsapi geolocation.onetrust.com/ googleads.g.doubleclick.net js-agent.newrelic.com js.maxmind.com/js/apis/geoip2/v2.1 l.evidon.com maps.googleapis.com/maps-api-v3/api/js/ maps.googleapis.com/maps/api/js maxcdn.bootstrapcdn.com pfcopayoffers-stage.pfizersite.io platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net px.ads.linkedin.com px.veinteractive.com s.ytimg.com/yts/jsbin s3-eu-west-1.amazonaws.com s3.amazonaws.com/docs.gcs.digitalpfizer.com s3.amazonaws.com/pfe_im sadmin.brightcove.com/js snap.licdn.com ssl.google-analytics.com static.ads-twitter.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com/sodar vjs.zencdn.net www.geoplugin.net www.google-analytics.com www.googleadservices.com/pagead www.googletagmanager.com www.gstatic.com/charts; style-src 'self' 'unsafe-inline' https:; worker-src 'self' blob:; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:35 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-security-policy
font-src 'self' data: https: https://api2.fonts.com/; child-src 'self' blob:; connect-src 'self' *.addthis.com *.akafms.net *.akamaihd.net *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.digitalpfizer.com *.digitalpfizer.com.cn *.evidon.com *.force.com *.hapyak.com *.hotjar.com *.hotjar.io *.kampyle.com *.llnw.net *.llnwd.net *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.thunderhead.com 1vrf04rusa.execute-api.eu-west-1.amazonaws.com 223i44638a.execute-api.eu-west-1.amazonaws.com 6q7zxrfi35.execute-api.eu-west-1.amazonaws.com acsbapp.com appsapi.veinteractive.com/api bam.nr-data.net blob: c.az.contentsquare.net/v2 cdn.acsbapp.com cdn.cookielaw.org cdn.linkedin.oribi.io code.jquery.com cookiee1.veinteractive.com/api d2qrdklrsxowl2.cloudfront.net dpm.demdex.net drs2.veinteractive.com geoip-js.maxmind.com/geoip/v2.1/country geolocation.onetrust.com/ house-cloudfront.ap-northeast-1.prod.boltdns.net house-cloudfront.ap-southeast-1.prod.boltdns.net house-cloudfront.ap-southeast-2.prod.boltdns.net house-cloudfront.eu-west-1.prod.boltdns.net house-cloudfront.us-east-1.prod.boltdns.net js-agent.newrelic.com l.betrad.com loremflickr.com manifest.prod.boltdns.net maps.googleapis.com metrics.articulate.com newton-api.eu.cloudhub.io pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com pfizer-privacy.my.onetrust.com/ pfizer.sc.omtrdc.net sessionapi.veinteractive.com sitecatalyst.omniture.com/sc15/activitymap storybook.js.org tagmanager.google.com vlswbkfag3.execute-api.eu-west-1.amazonaws.com web1.acsbapp.com wss: www.facebook.com www.google-analytics.com; frame-ancestors 'self' *.hapyak.com; frame-src 'self' *.digitalpfizer.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.youtube.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ bid.g.doubleclick.net blob: config1.veinteractive.com d2qrdklrsxowl2.cloudfront.net hapyak-assets.s3.amazonaws.com interactivity-uploads.s3.us-east-1.amazonaws.com/ l3.evidon.com pfizer-grv.janrainsso.com pfizer.demdex.net pfizergrv-qa.janrainsso.com platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net resources.interactivity.brightcove.com sketchfab.com staticxx.facebook.com syndication.twitter.com td.doubleclick.net/ v5.organimi.com vars.hotjar.com where-to-buy.co www.facebook.com www.google.com/maps www.medtargetsystem.com/; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.akafms.net *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.llnw.net *.llnwd.net *.media.brightcove.com *.secure.brightcove.com blob: data: manifest.prod.boltdns.net; object-src 'self' players.brightcove.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudflare.com/cdn-cgi/scripts *.cloudfront.net/js/hapyak.js *.cloudfront.net/js/partners/brightcovePlugin *.digitalpfizer.com *.digitalpfizer.com.cn *.edison.sh *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizer.com.cn *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.thunderhead.com *.youtube.com a.volvelle.tech acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com/ajax/libs/webfont/* analytics.twitter.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net blob: c.betrad.com c.evidon.com cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com config1.veinteractive.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js d2qrdklrsxowl2.cloudfront.net fast.fonts.net/jsapi geolocation.onetrust.com/ googleads.g.doubleclick.net js-agent.newrelic.com js.maxmind.com/js/apis/geoip2/v2.1 l.evidon.com maps.googleapis.com/maps-api-v3/api/js/ maps.googleapis.com/maps/api/js maxcdn.bootstrapcdn.com pfcopayoffers-stage.pfizersite.io platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net px.ads.linkedin.com px.veinteractive.com s.ytimg.com/yts/jsbin s3-eu-west-1.amazonaws.com s3.amazonaws.com/docs.gcs.digitalpfizer.com s3.amazonaws.com/pfe_im sadmin.brightcove.com/js snap.licdn.com ssl.google-analytics.com static.ads-twitter.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com/sodar vjs.zencdn.net www.geoplugin.net www.google-analytics.com www.googleadservices.com/pagead www.googletagmanager.com www.gstatic.com/charts; style-src 'self' 'unsafe-inline' https:; worker-src 'self' blob:; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 29 Sep 2023 04:22:27 GMT
server
cloudflare
etag
W/"27d4d6eb598dd80a3556f6d444601b09"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
82c7a472ceae3753-MXP
x-edison-type
Lite
expires
Mon, 27 Nov 2023 08:31:35 GMT
Logo_new.png
sutent.pfizerapps.com/images/ 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sutent.pfizerapps.com/images/Logo_new.png
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.42.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3c5a1eab5043e350b251a611d6ba728f79fda6dbf7b4bc6aa372c2b42c79d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:35 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-length
153292
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 29 Sep 2023 04:22:27 GMT
server
cloudflare
etag
"837c8c34921819d0e66f5be6bee1084b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82c7a472ceaf3753-MXP
x-edison-type
Lite
expires
Mon, 27 Nov 2023 08:31:35 GMT
css2
fonts.googleapis.com/ 		2 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: sutent.pfizerapps.com
URL: https://sutent.pfizerapps.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Nov 2023 04:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 03:19:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Nov 2023 04:31:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sutent.pfizerapps.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 21:25:42 GMT
x-content-type-options
nosniff
age
198353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 21:25:42 GMT
enforce
pfeprod.report-uri.com/r/t/csp/ 		11 B
580 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pfeprod.report-uri.com/r/t/csp/enforce
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/launch-98b1cfec0142.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.184.88 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://sutent.pfizerapps.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 27 Nov 2023 04:31:37 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain
cf-ray
82c7a47e78463742-MXP
alt-svc
h3=":443"; ma=86400
content-length
11
pf_appmeasurement.js
s3.amazonaws.com/pfe_im/js/prod/pcc/ 		0
0
RCa17cdd586dda478fb3b97b99685ed25f-source.min.js
assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/a5914c1e32c5/ 		298 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/a5914c1e32c5/RCa17cdd586dda478fb3b97b99685ed25f-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/launch-98b1cfec0142.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-28.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
93b0eff2cf6dd81c209ac94b829c7b64cd27a537d3531cb67653876e3fff8dc5

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:36 GMT
content-encoding
gzip
last-modified
Tue, 04 Aug 2020 14:52:48 GMT
server
AkamaiNetStorage
etag
"41148524aeead1027dcab27421bcbcb7:1596552768.659616"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://sutent.pfizerapps.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
183
expires
Mon, 27 Nov 2023 05:31:36 GMT
RC11171db522c94a0886ffd290dc43ec2c-source.min.js
assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/a5914c1e32c5/ 		367 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/a5914c1e32c5/RC11171db522c94a0886ffd290dc43ec2c-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/launch-98b1cfec0142.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-28.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
67ee3ccc6e9dc1208f37cf6eccd243a6fddc05f3c1aef9f26683b42e49cf4363

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://sutent.pfizerapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:31:36 GMT
content-encoding
gzip
last-modified
Tue, 04 Aug 2020 14:52:48 GMT
server
AkamaiNetStorage
etag
"41148524aeead1027dcab27421bcbcb7:1596552768.659616"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://sutent.pfizerapps.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
237
expires
Mon, 27 Nov 2023 05:31:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/pfe_im/js/prod/pcc/pf_appmeasurement.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery object| _satellite boolean| __satelliteLoaded string| envMode string| scriptEnvironment object| pfConfig

3 Cookies

Domain/Path Name / Value
.pfizerapps.com/ Name: __cfruid
Value: cce6614b1927b8c0a0b3ead2c0e534b07a22478d-1701059491
.pfizerapps.com/ Name: __cf_bm
Value: hvdhJJYANvPaLW4dN_Yq.oHBdny7oKxEYgkswKyd9e8-1701059493-0-AY2sRtmnlselndGIO6Dkum0yrNoeYAzjdf34auuZazZtKCobnQBJgjRp5nmS2cvjH0zh2lIxq30KasSNZD44PpE=
.fonts.net/ Name: __cf_bm
Value: RIN8QCF4n6l3QdDkW_TUIRF2Pjaxvcy2aFS.kKP.G8w-1701059493-0-AVV+SWM9y52ZPorQzELcaIDHBgLH2loVnJ8scbIJBuV4obeFXjxQqkYh6asuoypfv/f/I+Xohu2o9baBlxwS97k=

3 Console Messages

Source Level URL
Text
network error URL: https://fast.fonts.net/cssapi/77eb9968-b3e2-494f-8361-46c095c0cde6.css
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/launch-98b1cfec0142.min.js(Line 1)
Message:
Refused to load the script 'https://s3.amazonaws.com/pfe_im/js/prod/pcc/pf_appmeasurement.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudflare.com/cdn-cgi/scripts *.cloudfront.net/js/hapyak.js *.cloudfront.net/js/partners/brightcovePlugin *.digitalpfizer.com *.digitalpfizer.com.cn *.edison.sh *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizer.com.cn *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.thunderhead.com *.youtube.com a.volvelle.tech acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com/ajax/libs/webfont/* analytics.twitter.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net blob: c.betrad.com c.evidon.com cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com config1.veinteractive.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js d2qrdklrsxowl2.cloudfront.net fast.fonts.net/jsapi geolocation.onetrust.com/ googleads.g.doubleclick.net js-agent.newrelic.com js.maxmind.com/js/apis/geoip2/v2.1 l.evidon.com maps.googleapis.com/maps-api-v3/api/js/ maps.googleapis.com/maps/api/js maxcdn.bootstrapcdn.com pfcopayoffers-stage.pfizersite.io platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net px.ads.linkedin.com px.veinteractive.com s.ytimg.com/yts/jsbin s3-eu-west-1.amazonaws.com s3.amazonaws.com/docs.gcs.digitalpfizer.com s3.amazonaws.com/pfe_im sadmin.brightcove.com/js snap.licdn.com ssl.google-analytics.com static.ads-twitter.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com/sodar vjs.zencdn.net www.geoplugin.net www.google-analytics.com www.googleadservices.com/pagead www.googletagmanager.com www.gstatic.com/charts". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://pfeprod.report-uri.com/r/t/csp/enforce
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy font-src 'self' data: https: https://api2.fonts.com/; child-src 'self' blob:; connect-src 'self' *.addthis.com *.akafms.net *.akamaihd.net *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.digitalpfizer.com *.digitalpfizer.com.cn *.evidon.com *.force.com *.hapyak.com *.hotjar.com *.hotjar.io *.kampyle.com *.llnw.net *.llnwd.net *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.thunderhead.com 1vrf04rusa.execute-api.eu-west-1.amazonaws.com 223i44638a.execute-api.eu-west-1.amazonaws.com 6q7zxrfi35.execute-api.eu-west-1.amazonaws.com acsbapp.com appsapi.veinteractive.com/api bam.nr-data.net blob: c.az.contentsquare.net/v2 cdn.acsbapp.com cdn.cookielaw.org cdn.linkedin.oribi.io code.jquery.com cookiee1.veinteractive.com/api d2qrdklrsxowl2.cloudfront.net dpm.demdex.net drs2.veinteractive.com geoip-js.maxmind.com/geoip/v2.1/country geolocation.onetrust.com/ house-cloudfront.ap-northeast-1.prod.boltdns.net house-cloudfront.ap-southeast-1.prod.boltdns.net house-cloudfront.ap-southeast-2.prod.boltdns.net house-cloudfront.eu-west-1.prod.boltdns.net house-cloudfront.us-east-1.prod.boltdns.net js-agent.newrelic.com l.betrad.com loremflickr.com manifest.prod.boltdns.net maps.googleapis.com metrics.articulate.com newton-api.eu.cloudhub.io pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com pfizer-privacy.my.onetrust.com/ pfizer.sc.omtrdc.net sessionapi.veinteractive.com sitecatalyst.omniture.com/sc15/activitymap storybook.js.org tagmanager.google.com vlswbkfag3.execute-api.eu-west-1.amazonaws.com web1.acsbapp.com wss: www.facebook.com www.google-analytics.com; frame-ancestors 'self' *.hapyak.com; frame-src 'self' *.digitalpfizer.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.youtube.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ bid.g.doubleclick.net blob: config1.veinteractive.com d2qrdklrsxowl2.cloudfront.net hapyak-assets.s3.amazonaws.com interactivity-uploads.s3.us-east-1.amazonaws.com/ l3.evidon.com pfizer-grv.janrainsso.com pfizer.demdex.net pfizergrv-qa.janrainsso.com platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net resources.interactivity.brightcove.com sketchfab.com staticxx.facebook.com syndication.twitter.com td.doubleclick.net/ v5.organimi.com vars.hotjar.com where-to-buy.co www.facebook.com www.google.com/maps www.medtargetsystem.com/; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.akafms.net *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.llnw.net *.llnwd.net *.media.brightcove.com *.secure.brightcove.com blob: data: manifest.prod.boltdns.net; object-src 'self' players.brightcove.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudflare.com/cdn-cgi/scripts *.cloudfront.net/js/hapyak.js *.cloudfront.net/js/partners/brightcovePlugin *.digitalpfizer.com *.digitalpfizer.com.cn *.edison.sh *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizer.com.cn *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.thunderhead.com *.youtube.com a.volvelle.tech acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com/ajax/libs/webfont/* analytics.twitter.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net blob: c.betrad.com c.evidon.com cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com config1.veinteractive.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js d2qrdklrsxowl2.cloudfront.net fast.fonts.net/jsapi geolocation.onetrust.com/ googleads.g.doubleclick.net js-agent.newrelic.com js.maxmind.com/js/apis/geoip2/v2.1 l.evidon.com maps.googleapis.com/maps-api-v3/api/js/ maps.googleapis.com/maps/api/js maxcdn.bootstrapcdn.com pfcopayoffers-stage.pfizersite.io platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net px.ads.linkedin.com px.veinteractive.com s.ytimg.com/yts/jsbin s3-eu-west-1.amazonaws.com s3.amazonaws.com/docs.gcs.digitalpfizer.com s3.amazonaws.com/pfe_im sadmin.brightcove.com/js snap.licdn.com ssl.google-analytics.com static.ads-twitter.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com/sodar vjs.zencdn.net www.geoplugin.net www.google-analytics.com www.googleadservices.com/pagead www.googletagmanager.com www.gstatic.com/charts; style-src 'self' 'unsafe-inline' https:; worker-src 'self' blob:; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
code.jquery.com
fast.fonts.net
fonts.googleapis.com
fonts.gstatic.com
pfeprod.report-uri.com
s3.amazonaws.com
sutent.pfizerapps.com
s3.amazonaws.com
104.16.250.67
104.17.184.88
104.18.42.224
142.250.186.42
142.250.186.67
151.101.2.137
172.64.145.32
23.213.165.28
06a6ec06f8ef95621ee100d09234b950b09ba75157266286bb9093786579103e
367d568a88eceae9ad5a5b4054109138a395d99d8fd48151077008a386aa87a6
5cd4e35e9cffed3a9bedddf2d0c9f8e7077e61d2842db4bd5c30e277bca7f99e
5d3c5a1eab5043e350b251a611d6ba728f79fda6dbf7b4bc6aa372c2b42c79d5
67ee3ccc6e9dc1208f37cf6eccd243a6fddc05f3c1aef9f26683b42e49cf4363
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
8daeb1671d9c87e25191f6ec7650504313cb64315a41e4ca9dd854df2c956821
91209f2c121e2ae7d35caf5131ca2c337d9cfda6d36cf720cf654c88f0311cf6
93b0eff2cf6dd81c209ac94b829c7b64cd27a537d3531cb67653876e3fff8dc5
af4ee1f6fbc3b2353ab9d20de41a86651c8db06ed2bf8243d1052d145f994e93
b4e6a2e07716b5c69eea17787d0b2d9ab9ddc27da86775bf8e39db8de07d17cf
bbc9743a7a330c563cf7e2b468ee270084369704c977988abe82184c837c436c
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
cf380ad5a3eaa840e1a4776ac0a4bd0bd819bac636a2d0e83788e9073297df22
f0b695064efbafa0143adaef8fe50b747a8d53240a1fe2650d0339c5d9cf1a1f
f46ee5f8dabb5ad0d535617f215d94ab059bf8e4076579c3a089e77d727fdbf1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d