sutent.pfizerapps.com
104.18.42.224
Public Scan
Effective URL: https://sutent.pfizerapps.com/
Submission Tags: @ecarlesi possiblethreat
Submission: On November 27 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by E1 on November 27th 2023. Valid for: 3 months.
This is the only time sutent.pfizerapps.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 172.64.145.32 | 13335 (CLOUDFLARENET) |
11 | 104.18.42.224 | 13335 (CLOUDFLARENET) |
1 | 104.16.250.67 | 13335 (CLOUDFLARENET) |
1 | 151.101.2.137 | 54113 (FASTLY) |
3 | 23.213.165.28 | 16625 (AKAMAI-AS) |
1 | 142.250.186.42 | 15169 (GOOGLE) |
1 | 142.250.186.67 | 15169 (GOOGLE) |
1 | 104.17.184.88 | 13335 (CLOUDFLARENET) |
20 | 8 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-28.deploy.static.akamaitechnologies.com
assets.adobedtm.com |
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | pfizerapps.com (1 redirects) | sutent.pfizerapps.com | 794 KB |
3 | adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 466) | 17 KB |
1 | report-uri.com | pfeprod.report-uri.com (Cisco Umbrella Rank: 391069) | 580 B |
1 | gstatic.com | fonts.gstatic.com | 16 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 994 B |
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 762) | 30 KB |
1 | fonts.net | fast.fonts.net (Cisco Umbrella Rank: 3883) | |
0 | amazonaws.com (Failed) | s3.amazonaws.com (Failed) | |
20 | 8 |
 | Domain | Requested by |
---|---|---|
12 | sutent.pfizerapps.com | sutent.pfizerapps.com (1 redirects) |
3 | assets.adobedtm.com | sutent.pfizerapps.com, assets.adobedtm.com |
1 | pfeprod.report-uri.com | assets.adobedtm.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | sutent.pfizerapps.com |
1 | code.jquery.com | sutent.pfizerapps.com |
1 | fast.fonts.net | sutent.pfizerapps.com |
0 | s3.amazonaws.com (Failed) | assets.adobedtm.com |
20 | 8 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
pfizerapps.com | E1 | 2023-11-27 - 2024-02-25 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-05 - 2024-05-04 | a year |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year |
assets.adobedtm.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-11 - 2024-08-10 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months |
report-uri.com | E1 | 2023-09-30 - 2023-12-29 | 3 months |
This page contains 1 frames:
Primary Page:
https://sutent.pfizerapps.com/
Frame ID: 588F04039FBAD08F6654C8A34B08C0E5
Requests: 20 HTTP requests in this frame
Screenshot
![](/screenshots/8dd18045-f8af-47b7-86a9-d7a700b0e4f1.png)
Page Title
Calculadora de Riesgo cardiovascular a 10 años
Detected technologies
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://sutent.pfizerapps.com/ (HTTP 301)
- https://sutent.pfizerapps.com/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | sutent.pfizerapps.com/ | 12 KB | 7 KB | Document | text/html |
GET | H2 | 77eb9968-b3e2-494f-8361-46c095c0cde6.css | fast.fonts.net/cssapi/ | 0 | 0 | Stylesheet | application/xml |
GET | H2 | jquery-3.5.1.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
GET | H2 | main.css | sutent.pfizerapps.com/css/ | 19 KB | 5 KB | Stylesheet | text/css |
GET | H2 | main.js | sutent.pfizerapps.com/js/ | 18 KB | 7 KB | Script | application/javascript |
GET | H2 | launch-98b1cfec0142.min.js | assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/ | 47 KB | 16 KB | Script | application/x-javascript |
GET | H2 | Logo.png | sutent.pfizerapps.com/images/ | 66 KB | 66 KB | Image | image/png |
GET | H2 | loading.gif | sutent.pfizerapps.com/images/ | 8 KB | 8 KB | Image | image/gif |
GET | H2 | info-red.png | sutent.pfizerapps.com/images/ | 13 KB | 13 KB | Image | image/png |
GET | H2 | mediocirculo-sp.svg | sutent.pfizerapps.com/images/ | 7 KB | 6 KB | Image | image/svg+xml |
GET | H2 | flecha-negra-alcero.png | sutent.pfizerapps.com/images/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | load.gif | sutent.pfizerapps.com/images/ | 518 KB | 519 KB | Image | image/gif |
GET | H2 | t1_sp.svg | sutent.pfizerapps.com/images/ | 47 KB | 13 KB | Image | image/svg+xml |
GET | H2 | Logo_new.png | sutent.pfizerapps.com/images/ | 150 KB | 150 KB | Image | image/png |
GET | H2 | css2 | fonts.googleapis.com/ | 2 KB | 994 B | Stylesheet | text/css |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
POST | H2 | enforce | pfeprod.report-uri.com/r/t/csp/ | 11 B | 580 B | Other | text/plain |
GET | | pf_appmeasurement.js | s3.amazonaws.com/pfe_im/js/prod/pcc/ | 0 | 0 | | |
GET | H2 | RCa17cdd586dda478fb3b97b99685ed25f-source.min.js | assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/a5914c1e32c5/ | 298 B | 443 B | Script | application/x-javascript |
GET | H2 | RC11171db522c94a0886ffd290dc43ec2c-source.min.js | assets.adobedtm.com/22baa8e94be8/61b4f10dc0b5/a5914c1e32c5/ | 367 B | 497 B | Script | application/x-javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- s3.amazonaws.com
- URL
- https://s3.amazonaws.com/pfe_im/js/prod/pcc/pf_appmeasurement.js
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- function| $
- function| jQuery
- object| _satellite
- boolean| __satelliteLoaded
- string| envMode
- string| scriptEnvironment
- object| pfConfig
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.pfizerapps.com/ | Name: __cfruid Value: cce6614b1927b8c0a0b3ead2c0e534b07a22478d-1701059491 |
|
.pfizerapps.com/ | Name: __cf_bm Value: hvdhJJYANvPaLW4dN_Yq.oHBdny7oKxEYgkswKyd9e8-1701059493-0-AY2sRtmnlselndGIO6Dkum0yrNoeYAzjdf34auuZazZtKCobnQBJgjRp5nmS2cvjH0zh2lIxq30KasSNZD44PpE= |
|
.fonts.net/ | Name: __cf_bm Value: RIN8QCF4n6l3QdDkW_TUIRF2Pjaxvcy2aFS.kKP.G8w-1701059493-0-AVV+SWM9y52ZPorQzELcaIDHBgLH2loVnJ8scbIJBuV4obeFXjxQqkYh6asuoypfv/f/I+Xohu2o9baBlxwS97k= |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | font-src 'self' data: https: https://api2.fonts.com/; child-src 'self' blob:; connect-src 'self' *.addthis.com *.akafms.net *.akamaihd.net *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.digitalpfizer.com *.digitalpfizer.com.cn *.evidon.com *.force.com *.hapyak.com *.hotjar.com *.hotjar.io *.kampyle.com *.llnw.net *.llnwd.net *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.thunderhead.com 1vrf04rusa.execute-api.eu-west-1.amazonaws.com 223i44638a.execute-api.eu-west-1.amazonaws.com 6q7zxrfi35.execute-api.eu-west-1.amazonaws.com acsbapp.com appsapi.veinteractive.com/api bam.nr-data.net blob: c.az.contentsquare.net/v2 cdn.acsbapp.com cdn.cookielaw.org cdn.linkedin.oribi.io code.jquery.com cookiee1.veinteractive.com/api d2qrdklrsxowl2.cloudfront.net dpm.demdex.net drs2.veinteractive.com geoip-js.maxmind.com/geoip/v2.1/country geolocation.onetrust.com/ house-cloudfront.ap-northeast-1.prod.boltdns.net house-cloudfront.ap-southeast-1.prod.boltdns.net house-cloudfront.ap-southeast-2.prod.boltdns.net house-cloudfront.eu-west-1.prod.boltdns.net house-cloudfront.us-east-1.prod.boltdns.net js-agent.newrelic.com l.betrad.com loremflickr.com manifest.prod.boltdns.net maps.googleapis.com metrics.articulate.com newton-api.eu.cloudhub.io pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com pfizer-privacy.my.onetrust.com/ pfizer.sc.omtrdc.net sessionapi.veinteractive.com sitecatalyst.omniture.com/sc15/activitymap storybook.js.org tagmanager.google.com vlswbkfag3.execute-api.eu-west-1.amazonaws.com web1.acsbapp.com wss: www.facebook.com www.google-analytics.com; frame-ancestors 'self' *.hapyak.com; frame-src 'self' *.digitalpfizer.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.youtube.com activitymap.adobe.com/sc15/activitymap/ 
aim-tag.hcn.health/ bid.g.doubleclick.net blob: config1.veinteractive.com d2qrdklrsxowl2.cloudfront.net hapyak-assets.s3.amazonaws.com interactivity-uploads.s3.us-east-1.amazonaws.com/ l3.evidon.com pfizer-grv.janrainsso.com pfizer.demdex.net pfizergrv-qa.janrainsso.com platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net resources.interactivity.brightcove.com sketchfab.com staticxx.facebook.com syndication.twitter.com td.doubleclick.net/ v5.organimi.com vars.hotjar.com where-to-buy.co www.facebook.com www.google.com/maps www.medtargetsystem.com/; img-src 'self' blob: data: https:; manifest-src 'self'; media-src 'self' *.akafms.net *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.llnw.net *.llnwd.net *.media.brightcove.com *.secure.brightcove.com blob: data: manifest.prod.boltdns.net; object-src 'self' players.brightcove.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudflare.com/cdn-cgi/scripts *.cloudfront.net/js/hapyak.js *.cloudfront.net/js/partners/brightcovePlugin *.digitalpfizer.com *.digitalpfizer.com.cn *.edison.sh *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.kampyle.com *.medallia.com *.medallia.eu *.pfizer.com *.pfizer.com.cn *.pfizerstatic.io *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com *.thunderhead.com *.youtube.com a.volvelle.tech acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com/ajax/libs/webfont/* analytics.twitter.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net blob: c.betrad.com c.evidon.com cdn.cookielaw.org cdnjs.cloudflare.com code.jquery.com config1.veinteractive.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js d2qrdklrsxowl2.cloudfront.net fast.fonts.net/jsapi geolocation.onetrust.com/ googleads.g.doubleclick.net js-agent.newrelic.com js.maxmind.com/js/apis/geoip2/v2.1 l.evidon.com maps.googleapis.com/maps-api-v3/api/js/ 
maps.googleapis.com/maps/api/js maxcdn.bootstrapcdn.com pfcopayoffers-stage.pfizersite.io platform.twitter.com player.interactivity.brightcove.com player.vimeo.com players.brightcove.net px.ads.linkedin.com px.veinteractive.com s.ytimg.com/yts/jsbin s3-eu-west-1.amazonaws.com s3.amazonaws.com/docs.gcs.digitalpfizer.com s3.amazonaws.com/pfe_im sadmin.brightcove.com/js snap.licdn.com ssl.google-analytics.com static.ads-twitter.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com/sodar vjs.zencdn.net www.geoplugin.net www.google-analytics.com www.googleadservices.com/pagead www.googletagmanager.com www.gstatic.com/charts; style-src 'self' 'unsafe-inline' https:; worker-src 'self' blob:; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce |
Strict-Transport-Security | max-age=31536000; includeSubdomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.