urlscan.io logo urlscan.io
SecurityTrails logo

www.lucirabypfizer.com Open in urlscan Pro
2606:4700:4400::6812:2b43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lucirahealth.com/
Effective URL: https://www.lucirabypfizer.com/
Submission Tags: tranco_l324
Submission: On April 28 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 63 HTTP transactions. The main IP is 2606:4700:4400::6812:2b43, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lucirabypfizer.com.
TLS certificate: Issued by E1 on March 20th 2024. Valid for: 3 months.
This is the only time www.lucirabypfizer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 141.193.213.10 209242 (CLOUDFLAR...)
1 1 141.193.213.11 209242 (CLOUDFLAR...)
62 2606:4700:440... 13335 (CLOUDFLAR...)
63 2
Apex Domain
Subdomains		 Transfer
62 lucirabypfizer.com
www.lucirabypfizer.com
757 KB
2 lucirahealth.com
lucirahealth.com
www.lucirahealth.com
541 B
63 2
Domain Requested by
62 www.lucirabypfizer.com www.lucirabypfizer.com
1 www.lucirahealth.com 1 redirects
1 lucirahealth.com 1 redirects
63 3

This site contains links to these domains. Also see Links.

Domain
www.amazon.com
www.pfizer.com
Subject Issuer Validity Valid
lucirabypfizer.com
E1		 2024-03-20 -
2024-06-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.lucirabypfizer.com/
Frame ID: 70773C35BAED8E37A0B6797BAB52C309
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LUCIRA® by Pfizer for COVID-19 & Flu At Home Test

Page URL History Show full URLs

  1. http://lucirahealth.com/ HTTP 307
    https://lucirahealth.com/ HTTP 301
    https://www.lucirahealth.com/ HTTP 301
    https://www.lucirabypfizer.com/ Page URL

Page Statistics

63
Requests

98 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

757 kB
Transfer

850 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lucirahealth.com/ HTTP 307
    https://lucirahealth.com/ HTTP 301
    https://www.lucirahealth.com/ HTTP 301
    https://www.lucirabypfizer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.lucirabypfizer.com/
Redirect Chain
  • http://lucirahealth.com/
  • https://lucirahealth.com/
  • https://www.lucirahealth.com/
  • https://www.lucirabypfizer.com/
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad5142de7c879ab04b81990f648d188760e469a0771eb01b52058cdde68a95f9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
max-age=7200, must-revalidate
cf-cache-status
HIT
cf-ray
87b5cb5c6d4a1bc3-FRA
content-encoding
gzip
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-type
text/html; charset=utf-8
date
Sun, 28 Apr 2024 08:48:37 GMT
last-modified
Wed, 20 Mar 2024 08:10:00 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding,X-Forwarded-Host
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-auth-state
authenticated
x-auth-user
helix@adobe.com
x-cache
MISS, HIT, MISS
x-cache-hits
0, 1, 0
x-content-type-options
nosniff
x-edison-type
Adobe
x-frame-options
SAMEORIGIN
x-franklin-ref
v41
x-served-by
cache-iad-kjyo7100044-IAD, cache-iad-kjyo7100059-IAD, cache-fra-eddf8230134-FRA
x-timer
S1710922242.836124,VS0,VE89
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87b5cb57c8d058ea-TXL
content-length
162
content-type
text/html
date
Sun, 28 Apr 2024 08:48:37 GMT
location
https://www.lucirabypfizer.com/
server
cloudflare
lib-franklin.js
www.lucirabypfizer.com/scripts/ 		10 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/scripts/lib-franklin.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
420b19c6e59398aa03c6647de7186ae112cdeda07ec05340f7799c03fe5ac3ed
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
3387
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200152-IAD, cache-iad-kiad7000125-IAD, cache-fra-eddf8230120-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:37 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294118.215186,VS0,VE87
etag
"5bb2a448ab8ce43a6eca09433ce82f5a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb5d9eee1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 18, 0
scripts.js
www.lucirabypfizer.com/scripts/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/scripts/scripts.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0effbf7cf44a9c98b0fb1d3182f7ffcc40bfbed1886e1c0c9e5c00004096a8d2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
1631
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200119-IAD, cache-iad-kjyo7100026-IAD, cache-fra-eddf8230124-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:37 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1711682213.648674,VS0,VE90
etag
"fe8ca3fe6a4dd463ab2e273145b3520d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb5d9ef21bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 18, 1
styles.css
www.lucirabypfizer.com/styles/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/styles/styles.css
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d5ec5a428564225f91b03569f4e60f1b993aa51f8d697f269d92ebe190c05b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
4503
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000057-IAD, cache-iad-kiad7000022-IAD, cache-fra-eddf8230136-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:37 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294118.161170,VS0,VE1
etag
"3f48abb0f008d287c7399c9bc2839f09"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb5d9eea1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 155, 0
pfizer-utilities.js
www.lucirabypfizer.com/scripts/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/scripts/pfizer-utilities.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
995259459ef188b932be39809cdeb7b4c1bfc339293b75e736bb9066db43402f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/scripts.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
530
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000129-IAD, cache-iad-kiad7000075-IAD, cache-fra-eddf8230039-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:37 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1711374282.915603,VS0,VE2
etag
"9a4f9cbb4066aa5d12d4655152465b09"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb5f99661bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 18, 1
media_1d7edba3f78bee8416ed2edce7fc707f4c5c417d9.jpeg
www.lucirabypfizer.com/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/media_1d7edba3f78bee8416ed2edce7fc707f4c5c417d9.jpeg?width=2000&format=webply&optimize=medium
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f41caa0d809ad8b10508e67db811fb3dc502f1bb11dc0512dd60876a510421e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by
vpop-kiad7010216
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=552114 idim=1994x512 ifmt=jpeg ofsz=50952 odim=1994x512 ofmt=webp
fastly-stats
io=1
x-auth-user
helix@adobe.com
content-length
50952
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200161-IAD, cache-iad-kcgs7200161-IAD, cache-fra-eddf8230034-FRA
referrer-policy
same-origin
x-franklin-ref
v41
server
cloudflare
x-timer
S1714131339.747698,VS0,VE93
etag
"A6KYn9JMlpDeUPTrUrQSTeDsAbUCSWWuQQFJ/nHY4rI"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61cc191bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 20, 0
media_1f3bce167982809f664902ded293b6329cade365b.jpeg
www.lucirabypfizer.com/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/media_1f3bce167982809f664902ded293b6329cade365b.jpeg?width=2000&format=webply&optimize=medium
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aead331667da7e1f96a25d4d36b33beaa664ed6853ea7d55167b378e25bbfe0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by
vpop-kiad7010247
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=264838 idim=960x512 ifmt=jpeg ofsz=27030 odim=960x512 ofmt=webp
fastly-stats
io=1
x-auth-user
helix@adobe.com
content-length
27030
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000058-IAD, cache-iad-kiad7000058-IAD, cache-fra-eddf8230118-FRA
referrer-policy
same-origin
x-franklin-ref
v41
server
cloudflare
x-timer
S1713116574.912255,VS0,VE89
etag
"qJnMlcGa4B6LP8lEedW2TmpKxREI+LpXi6PwmtE/y/k"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61cc1e1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 1, 0
media_12338ecf9c2cb2c208df551e56df4ab5d964ddbd3.png
www.lucirabypfizer.com/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/media_12338ecf9c2cb2c208df551e56df4ab5d964ddbd3.png?width=2000&format=webply&optimize=medium
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc0764bcd0877dbeef7682117a1fdd5320e5ac52b429e000152eb03bb73d137f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by
vpop-kiad7010247
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=830099 idim=962x560 ifmt=png ofsz=27304 odim=962x560 ofmt=webp
fastly-stats
io=1
x-auth-user
helix@adobe.com
content-length
27304
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100154-IAD, cache-iad-kjyo7100154-IAD, cache-fra-eddf8230137-FRA
referrer-policy
same-origin
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.787625,VS0,VE91
etag
"wM4bJtE185KtmmOxuv19f7cg29ckZaemJlCroWuug1g"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61cc221bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 20, 0
media_10d984ad83f90158b45ad5fa1151f4b3005c99f81.png
www.lucirabypfizer.com/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/media_10d984ad83f90158b45ad5fa1151f4b3005c99f81.png?width=2000&format=webply&optimize=medium
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0da4df9ae658fc796a05c19caec49f9018c43ff1a44bb435a852e6a0e8d60c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by
vpop-kiad7010249
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=632579 idim=712x560 ifmt=png ofsz=23700 odim=712x560 ofmt=webp
fastly-stats
io=1
x-auth-user
helix@adobe.com
content-length
23700
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000074-IAD, cache-iad-kiad7000074-IAD, cache-fra-eddf8230132-FRA
referrer-policy
same-origin
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.824178,VS0,VE100
etag
"aESV07YNuML/P4VtO4Xbb7tFgjGlUxy1AVtPdzTitgA"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61cc2c1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 20, 0
media_1d79a5a7eeebcdad999f45c78203a1ca086b0657d.png
www.lucirabypfizer.com/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/media_1d79a5a7eeebcdad999f45c78203a1ca086b0657d.png?width=2000&format=webply&optimize=medium
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea607576e8c9430377eb0e5a8b815608ce9963b3d68902d426dfb24de2a4ee54
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by
vpop-kiad7010226
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=710687 idim=670x670 ifmt=png ofsz=27454 odim=670x670 ofmt=webp
fastly-stats
io=1
x-auth-user
helix@adobe.com
content-length
27454
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100090-IAD, cache-iad-kjyo7100090-IAD, cache-fra-eddf8230119-FRA
referrer-policy
same-origin
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.840353,VS0,VE92
etag
"PtFyhq7xtHRyNj90Gk/dxg5HGXUs4F1AzBpjHSsRQ9g"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61cc301bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 20, 0
media_12f6f819cefcbf015d6f6bebc1aa67faf2b745de5.png
www.lucirabypfizer.com/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/media_12f6f819cefcbf015d6f6bebc1aa67faf2b745de5.png?width=2000&format=webply&optimize=medium
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140033c7c76e1282e5e71f2b616d37732f494ffde8925c7f1b6d6a80f0b261a8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by
vpop-kiad7010249
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=846954 idim=962x560 ifmt=png ofsz=38812 odim=962x560 ofmt=webp
fastly-stats
io=1
x-auth-user
helix@adobe.com
content-length
38812
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100060-IAD, cache-iad-kjyo7100060-IAD, cache-fra-eddf8230082-FRA
referrer-policy
same-origin
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.913184,VS0,VE94
etag
"+9zwRg5bkXGDevqOTPopABLojhxxRoBBN5FHTt7VijA"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61cc321bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 20, 0
media_1bac514e46d0181965657619cbe8bf5ceb08018ca.png
www.lucirabypfizer.com/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/media_1bac514e46d0181965657619cbe8bf5ceb08018ca.png?width=2000&format=webply&optimize=medium
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83faaac823650e307ce05d3c409a1fec01736762788a206d52921ca5f912be45
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by
vpop-kiad7010251
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=649446 idim=712x560 ifmt=png ofsz=32020 odim=712x560 ofmt=webp
fastly-stats
io=1
x-auth-user
helix@adobe.com
content-length
32020
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kiad7000106-IAD, cache-fra-eddf8230042-FRA
referrer-policy
same-origin
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.784348,VS0,VE91
etag
"EQA5l41hkhTv7zpsli3CucEzRZRgKMriW42ibTHJOZ0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61cc331bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 20, 0
media_19b521db830180b9dd157f7bc8f60092e3fb59923.png
www.lucirabypfizer.com/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/media_19b521db830180b9dd157f7bc8f60092e3fb59923.png?width=2000&format=webply&optimize=medium
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e808f1340cc237bd29776c05bc53094cbcbd36bd40f7e3956ec30bdd492f08f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by
vpop-kiad7010211
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=741761 idim=670x670 ifmt=png ofsz=36964 odim=670x670 ofmt=webp
fastly-stats
io=1
x-auth-user
helix@adobe.com
content-length
36964
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000089-IAD, cache-iad-kiad7000089-IAD, cache-fra-eddf8230050-FRA
referrer-policy
same-origin
x-franklin-ref
v41
server
cloudflare
x-timer
S1713116574.906900,VS0,VE95
etag
"lAFbUr356sq4MQ4mVD44jmW8CJ+TgXo+B4WEi33cDqI"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61cc351bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 52, 0
media_130cb13db9665d3789e99935dfacab848caaf14ef.png
www.lucirabypfizer.com/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/media_130cb13db9665d3789e99935dfacab848caaf14ef.png?width=2000&format=webply&optimize=medium
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290578ad8da1e406c45e4f2f89e75675adc1f65ecfabb80c0d2eb0d153b5e171
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by
vpop-kiad7010248
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=901764 idim=962x560 ifmt=png ofsz=47994 odim=962x560 ofmt=webp
fastly-stats
io=1
x-auth-user
helix@adobe.com
content-length
47994
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200156-IAD, cache-iad-kcgs7200156-IAD, cache-fra-eddf8230146-FRA
referrer-policy
same-origin
x-franklin-ref
v41
server
cloudflare
x-timer
S1713116574.875530,VS0,VE114
etag
"TLN7LddQk0qG2cjuOdlXHnF4YYfG2Sbdrsk9AYdH5Hg"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61cc371bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 44, 0
media_103a2fa5f324c46c2c3b921a408cf24157610465c.png
www.lucirabypfizer.com/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/media_103a2fa5f324c46c2c3b921a408cf24157610465c.png?width=2000&format=webply&optimize=medium
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95b93afcc95aca769f8158b1e5e61dc78ad69708351f82d7348a5db6e42c57f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by
vpop-kiad7010248
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=761398 idim=712x608 ifmt=png ofsz=42974 odim=712x608 ofmt=webp
fastly-stats
io=1
x-auth-user
helix@adobe.com
content-length
42974
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100087-IAD, cache-iad-kjyo7100087-IAD, cache-fra-eddf8230117-FRA
referrer-policy
same-origin
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.779755,VS0,VE91
etag
"3Y14nL6C2pEPohubSdp6BLGjNuUtMNBLNhKa4ajcVZ4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61cc391bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 20, 0
media_109ecc7cafb85354fc5d1682ebe977c2e93866bf2.png
www.lucirabypfizer.com/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/media_109ecc7cafb85354fc5d1682ebe977c2e93866bf2.png?width=2000&format=webply&optimize=medium
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c945bdb7dd6878cde4077fffacdf50c5f15ef6e6e08079c69976946b67f1074c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
fastly-io-served-by
vpop-kiad7010213
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=738746 idim=670x670 ifmt=png ofsz=37012 odim=670x670 ofmt=webp
fastly-stats
io=1
x-auth-user
helix@adobe.com
content-length
37012
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200083-IAD, cache-iad-kcgs7200083-IAD, cache-fra-eddf8230073-FRA
referrer-policy
same-origin
x-franklin-ref
v41
server
cloudflare
x-timer
S1713468693.073052,VS0,VE97
etag
"2B0vhOxtd2yoeI27rsW62N5B3+Vs1Ib+cvaqgLRhuiM"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61fc781bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 20, 0
asset-amazon-btn.svg
www.lucirabypfizer.com/assets/icons/ 		58 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/assets/icons/asset-amazon-btn.svg
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e27657b504e4460149dc78fd7f5cd3448fe877259d778be7ca0d4181588fe028
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
41596
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200096-IAD, cache-iad-kcgs7200096-IAD, cache-fra-eddf8230143-FRA
referrer-policy
same-origin
last-modified
Thu, 01 Feb 2024 15:19:24 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.816507,VS0,VE89
etag
"e078d26cb91da8400d844b6698e857ff"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb61fc791bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 69, 0
header.css
www.lucirabypfizer.com/blocks/header/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/header/header.css
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd51dfab17e76daf1607e939b0a8fdc73e5b682b2d9caf7e10910e0d24538455
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
3536
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000089-IAD, cache-iad-kjyo7100150-IAD, cache-fra-eddf8230073-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.925713,VS0,VE88
etag
"91c43c41690d42ea39c1c4ad9be35a63"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb626d061bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
header.js
www.lucirabypfizer.com/blocks/header/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/header/header.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e2b51c1dbaa7eae2fd6cf144371934b83819c8ca218636c29038c845d1db927
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/lib-franklin.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
4253
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100052-IAD, cache-iad-kiad7000095-IAD, cache-fra-eddf8230149-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.942407,VS0,VE89
etag
"f0bb19084d7ff6d537e8c9d4d09461dc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb626d0a1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
dtc.css
www.lucirabypfizer.com/blocks/dtc/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/dtc/dtc.css
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7303937e76b3a9ef778f71d0b9515c59d44a9be98606ee3c9bcefa4859c7fca7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
975
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100063-IAD, cache-iad-kiad7000166-IAD, cache-fra-eddf8230094-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.954998,VS0,VE89
etag
"ddcc87524bf08125381e13634e14977a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb626d081bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 26, 0
dtc.js
www.lucirabypfizer.com/blocks/dtc/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/dtc/dtc.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a37a9c18cfaa1105325ea688469129ffbd0c17406c756362313658c79575ef2a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/lib-franklin.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
950
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200148-IAD, cache-iad-kcgs7200165-IAD, cache-fra-eddf8230070-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.901791,VS0,VE93
etag
"6a96aed3e2e66aeadc84aacb57a5ee87"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb626d0d1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 25, 0
columns.css
www.lucirabypfizer.com/blocks/columns/ 		49 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/columns/columns.css
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20a6ecd1490872c362cc79a4439f3d80066f11a96716f07a7a603bbbbaf1bbe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
7082
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200160-IAD, cache-iad-kcgs7200119-IAD, cache-fra-eddf8230022-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.928105,VS0,VE88
etag
"a2969f69cdbc955b3951b86987a16974"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb626d131bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
columns.js
www.lucirabypfizer.com/blocks/columns/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/columns/columns.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a4a9fae3dda9624583ab4fda1686ab8399d10716e432ee1ac751febd634f8a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/lib-franklin.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
711
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000074-IAD, cache-iad-kiad7000124-IAD, cache-fra-eddf8230106-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1713611024.646630,VS0,VE90
etag
"9494da19241ed6f76c3e06187dd3ac96"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb626d151bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
nav.plain.html
www.lucirabypfizer.com/global/ 		1 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/global/nav.plain.html
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/blocks/header/header.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
810019d3644c6573041ae94b76b2de4144ffc05486ca8d8be7dff5582c002c1b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100141-IAD, cache-iad-kjyo7100126-IAD, cache-fra-eddf8230056-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:38 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.201014,VS0,VE89
vary
Accept-Encoding,X-Forwarded-Host
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
cf-ray
87b5cb64c85e1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 10, 0
hero.css
www.lucirabypfizer.com/blocks/hero/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/hero/hero.css
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81f8015c62b8516005a09802a8ab76183f0d14c96729ce55655acf50ebd647a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
607
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200060-IAD, cache-iad-kjyo7100025-IAD, cache-fra-eddf8230104-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1712090813.616637,VS0,VE2
etag
"d0af8f4fed12b1d3104c1f6acb4f5ba2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb64c8611bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 1
hero.js
www.lucirabypfizer.com/blocks/hero/ 		0
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/hero/hero.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/lib-franklin.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
20
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000026-IAD, cache-iad-kiad7000026-IAD, cache-fra-eddf8230120-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294119.350976,VS0,VE3
etag
"7029066c27ac6f5ef18d660d5741979a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb64c8621bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 35, 0
side-footer.plain.html
www.lucirabypfizer.com/global/ 		670 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/global/side-footer.plain.html
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/blocks/header/header.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d28e758952871eb702ca7d45463c076680729f4c95fbb24db73b01b55331436
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200084-IAD, cache-iad-kjyo7100115-IAD, cache-fra-eddf8230108-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:38 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1712843002.922375,VS0,VE1
vary
Accept-Encoding,X-Forwarded-Host
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
cf-ray
87b5cb668bc21bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 20, 0
isi.css
www.lucirabypfizer.com/blocks/isi/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/isi/isi.css
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160580b089cc77ec53433fb9f74f4ca3487b81349f68cc82ffa64b714b28068d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
1328
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000137-IAD, cache-iad-kjyo7100051-IAD, cache-fra-eddf8230092-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.502653,VS0,VE89
etag
"1a313aa0fd82ce3d60c618f929342b71"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb669bc71bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
isi.js
www.lucirabypfizer.com/blocks/isi/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/isi/isi.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6070f694c96d4a11a00edd050f5c8c1bf82704ca20654c32d8b2bbdf2ed6b445
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/lib-franklin.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
1649
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100041-IAD, cache-iad-kjyo7100084-IAD, cache-fra-eddf8230037-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:35 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.540025,VS0,VE89
etag
"c6150b5c1463dc5d824e9318e00178b6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb669bc81bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
isi.plain.html
www.lucirabypfizer.com/global/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/global/isi.plain.html
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/blocks/isi/isi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
370df56fc10fac1269d913d1673dd3af7b8658453c92f138f7b975b9c81e2022
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100071-IAD, cache-iad-kiad7000102-IAD, cache-fra-eddf8230054-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:38 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.761985,VS0,VE88
vary
Accept-Encoding,X-Forwarded-Host
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
cf-ray
87b5cb680e7e1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 20, 0
dropdown.svg
www.lucirabypfizer.com/icons/ 		214 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/icons/dropdown.svg
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/blocks/header/header.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31d4495c3ff263cd3a07d7892701227e9515cab77acc95aad902ad5f88863e5a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/blocks/header/header.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
172
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200084-IAD, cache-iad-kcgs7200084-IAD, cache-fra-eddf8230025-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:36 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.811800,VS0,VE89
etag
"5fd20b71f3fa92fe7f2f080c88d94810"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb684eca1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 30, 0
externalicon.svg
www.lucirabypfizer.com/icons/ 		390 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/icons/externalicon.svg
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/blocks/header/header.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87f253f3310e2b26d8b298b751dfb7b84fd679953b4ff295ce31cfc1f772bd5a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/blocks/header/header.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
244
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000069-IAD, cache-iad-kiad7000069-IAD, cache-fra-eddf8230034-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:36 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.763837,VS0,VE89
etag
"bfd0ccf6ec79ebf6d862a1a1dff188cf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb684ecd1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 30, 0
smallt.svg
www.lucirabypfizer.com/icons/ 		173 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/icons/smallt.svg
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/blocks/header/header.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caa21aae6dbaec93f8f36ad9965600c76dda7d613e494d0427a676abf99d3160
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/blocks/header/header.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
160
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000172-IAD, cache-iad-kiad7000172-IAD, cache-fra-eddf8230149-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:37 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714131339.373975,VS0,VE88
etag
"99f71b948b621bd1416e81577a37f954"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb684ecf1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 33, 0
bigt.svg
www.lucirabypfizer.com/icons/ 		176 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/icons/bigt.svg
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/blocks/header/header.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9454a83ffa3a2ee6362003c2a2c8e7264d9c689be063f5b88c7e0d35fb04431
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/blocks/header/header.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
163
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000098-IAD, cache-iad-kiad7000098-IAD, cache-fra-eddf8230088-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:36 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.808675,VS0,VE89
etag
"0e7a7b41a7e0ea02be2514fd9049673c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb684ed01bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 32, 0
logodtc.svg
www.lucirabypfizer.com/assets/icons/ 		6 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lucirabypfizer.com/assets/icons/logodtc.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0049a953959aeb1c1a094f30732261ef870b063ccbe7f7c331f3a758ae9ece8b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
2528
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200094-IAD, cache-iad-kjyo7100109-IAD, cache-fra-eddf8230154-FRA
referrer-policy
same-origin
last-modified
Wed, 06 Mar 2024 09:45:53 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.809970,VS0,VE88
etag
"5177c95d53efe95cc7482dab5870f96c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb685ed41bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 28, 0
upparrow.svg
www.lucirabypfizer.com/icons/ 		187 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/icons/upparrow.svg
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/blocks/isi/isi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5322ce2bef488f0e3d8066319933c7f85c918cdecfcf44959aac941ff2a8c256
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
172
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100080-IAD, cache-iad-kiad7000113-IAD, cache-fra-eddf8230029-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:37 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1712090813.276933,VS0,VE2
etag
"795215a0161cc742700a545bc356377a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6958511bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 1
footer.css
www.lucirabypfizer.com/blocks/footer/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/footer/footer.css
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00c0f547583160453bb3117163453be4769ab130b4c3aace17e863f097250a1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
1140
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200130-IAD, cache-iad-kiad7000113-IAD, cache-fra-eddf8230049-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.130400,VS0,VE89
etag
"706676c4218122109ece98ce56d89c14"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6a79da1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
footer.js
www.lucirabypfizer.com/blocks/footer/ 		800 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/footer/footer.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a64d47591c2077380c74d5dcdd41254ff8c6f9bc431dfc2ef6c908e68f960b69
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/lib-franklin.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
450
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100074-IAD, cache-iad-kjyo7100042-IAD, cache-fra-eddf8230100-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.166395,VS0,VE89
etag
"35d1aff2fd43061f087ccded04c5429f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6a79de1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 12, 0
lazy-styles.css
www.lucirabypfizer.com/styles/ 		1 KB
689 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/styles/lazy-styles.css
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f10a59a5e01b0bd8662723c86f16e4c2e30c2cc7ac8ce69a55af4ccddc36db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
237
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100158-IAD, cache-iad-kjyo7100079-IAD, cache-fra-eddf8230107-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:37 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.163835,VS0,VE89
etag
"84d640bc2753b5123733d9a596b2fc5d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6a79dd1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
popup.css
www.lucirabypfizer.com/blocks/popup/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/popup/popup.css
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76213c0fbb45943a754057944569b662281a1e1b2ae3de1f8736a9e48b41a4af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
953
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200155-IAD, cache-iad-kiad7000041-IAD, cache-fra-eddf8230032-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:35 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.125200,VS0,VE92
etag
"810ba8654ee5c69f3a825b874981c37c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6a79df1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
popup.js
www.lucirabypfizer.com/blocks/popup/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/popup/popup.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/lib-franklin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f4c8292b02cdce81f462c7c66a097f94f37993e5035f853bb86422ac36c86da
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/lib-franklin.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
1358
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200066-IAD, cache-iad-kjyo7100057-IAD, cache-fra-eddf8230103-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:35 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.135672,VS0,VE89
etag
"b5f4d01703f248d38ba7eff7361549ec"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6a79e01bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
custom.js
www.lucirabypfizer.com/scripts/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/scripts/custom.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc123fb9e514d35ddaeb6efb333f9eea6253ea3db99daf773575c5199cb5494a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/scripts.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
1423
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100118-IAD, cache-iad-kcgs7200140-IAD, cache-fra-eddf8230130-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:37 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.126301,VS0,VE90
etag
"fca32eeef48b3d9e57efb2e0905dd106"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6a79e11bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
favicon.ico
www.lucirabypfizer.com/styles/ 		495 B
978 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/styles/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f4ff46732da968149ebe32b3624ef1a9a19d7c57312b387254052054149080d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
518
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000109-IAD, cache-iad-kiad7000109-IAD, cache-fra-eddf8230151-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:37 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.130927,VS0,VE88
etag
"2831499b89d7a12f8d62ee836c3f3fbf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/vnd.microsoft.icon
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6a79e41bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 29, 0
hcp.js
www.lucirabypfizer.com/blocks/hcp/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/blocks/hcp/hcp.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94581d8a75ef0476487412a70c50c3332c7e100757d8167adc4d256a44efa3b7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/custom.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
955
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000148-IAD, cache-iad-kcgs7200094-IAD, cache-fra-eddf8230064-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:34 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.347050,VS0,VE89
etag
"5b16995f9842a26e35a6ad5c68f378a4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6bab911bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
external-link-whitelist.json
www.lucirabypfizer.com/global/popups/ 		199 B
318 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/global/popups/external-link-whitelist.json
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/blocks/popup/popup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e51dc8142ce32d59b8310beda6169dd27b545eb859bd1182490c6424d1671a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-ancestors 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
127
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200111-IAD, cache-iad-kiad7000073-IAD, cache-fra-eddf8230077-FRA
referrer-policy
same-origin
last-modified
Thu, 26 Oct 2023 11:07:25 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.323035,VS0,VE90
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6bbbbe1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
footer.plain.html
www.lucirabypfizer.com/global/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/global/footer.plain.html
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/blocks/footer/footer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0a234fd155c98db648e3567fa7b39a5e49e935e3ba85748b5de7a677d79a6f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200112-IAD, cache-iad-kcgs7200112-IAD, cache-fra-eddf8230042-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:38 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.360582,VS0,VE89
vary
Accept-Encoding,X-Forwarded-Host
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
cf-ray
87b5cb6bebf81bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 11, 0
PfizerDiatype-Bold.woff2
www.lucirabypfizer.com/fonts/ 		45 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/fonts/PfizerDiatype-Bold.woff2
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/styles/lazy-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad424bccd490aa553ab32e78389ec5f21f48d71b99df321569bae82404fd256
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/styles/lazy-styles.css
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
45621
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200106-IAD, cache-iad-kcgs7200106-IAD, cache-fra-eddf8230151-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:35 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1712119941.661574,VS0,VE1
etag
"6b964011394cc027f8599e3eaa1be590"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6c0c1f1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 4, 1
PfizerDiatype-Regular.woff2
www.lucirabypfizer.com/fonts/ 		42 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/fonts/PfizerDiatype-Regular.woff2
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/styles/lazy-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9bd70025d7862bb30c7adeccc0417e92738b2909a8f1454456dec2af1699ad
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/styles/lazy-styles.css
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
43189
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000080-IAD, cache-iad-kcgs7200033-IAD, cache-fra-eddf8230037-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:35 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.408889,VS0,VE89
etag
"bfe514a2ac9a5e8668c8c1cbd4b21c73"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6c0c211bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 246, 0
PfizerDiatype-Heavy.woff2
www.lucirabypfizer.com/fonts/ 		53 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/fonts/PfizerDiatype-Heavy.woff2
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/styles/lazy-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d5742d57c0fc7b7274d25c89f536ebc74263c0b9f09f70a0fc37f793724831a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/styles/lazy-styles.css
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
54456
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kjyo7100162-IAD, cache-fra-eddf8230137-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:35 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.362941,VS0,VE88
etag
"b631e9c91559e6d807cded187c2b79e5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb6c0c221bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 19, 0
external-link-popup.plain.html
www.lucirabypfizer.com/global/popups/ 		776 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/global/popups/external-link-popup.plain.html
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/blocks/popup/popup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b796356a6ebf2218be8fa5924b998797cede48de4fb08542f8f54eb5672b6d3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kiad7000163-IAD, cache-fra-eddf8230042-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:38 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294120.487426,VS0,VE95
vary
Accept-Encoding,X-Forwarded-Host
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
cf-ray
87b5cb6cdcf01bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 10, 0
delayed.js
www.lucirabypfizer.com/scripts/ 		1018 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/scripts/delayed.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dede5fbe6ccb61f8c87c7dedb1d777e56bd3e7d057b0dc7f13420833cfd210cb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/scripts.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-auth-user
helix@adobe.com
content-length
449
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000136-IAD, cache-iad-kcgs7200079-IAD, cache-fra-eddf8230122-FRA
referrer-policy
same-origin
last-modified
Fri, 15 Mar 2024 06:59:37 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294121.123801,VS0,VE89
etag
"bc22b6688293f992927fbd16974b9367"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb70b9ce1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 17, 0
adobe-launch.js
www.lucirabypfizer.com/lib/scripts/ 		862 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/lib/scripts/adobe-launch.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9efe305abdcd0bef7aa995fd7d2c32ad861ae730f3f375f88aec9efc58fb131
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/delayed.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-franklin-lib
libraryfranklinpfizer - main (release20)
x-auth-user
helix@adobe.com
content-length
384
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200173-IAD, cache-iad-kiad7000063-IAD, cache-fra-eddf8230136-FRA
referrer-policy
same-origin
last-modified
Thu, 25 Apr 2024 13:43:51 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714063020.517497,VS0,VE1
etag
"2e6d99887bf67c42e7a585a24c826bce"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb71eb331bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 31, 0
index.js
www.lucirabypfizer.com/lib/scripts/analytics/ 		867 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/lib/scripts/analytics/index.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea61064f0e24b67a59bf88945a84a3560c8297000f5aaf1ecbea55156a69192
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/scripts/delayed.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-franklin-lib
libraryfranklinpfizer - main (release20)
x-auth-user
helix@adobe.com
content-length
401
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kiad7000048-IAD, cache-fra-eddf8230021-FRA
referrer-policy
same-origin
last-modified
Thu, 25 Apr 2024 13:43:52 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294121.317222,VS0,VE1
etag
"c6a9359c8dee559ff25432456ec4e7d3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb71eb361bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 30, 0
lib-franklin.js
www.lucirabypfizer.com/lib/scripts/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/lib/scripts/lib-franklin.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c8de57d7664c73007319eceb31295486964b124a1877e7d57b70702ade18afc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/lib/scripts/analytics/index.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-franklin-lib
libraryfranklinpfizer - main (release20)
x-auth-user
helix@adobe.com
content-length
7254
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200058-IAD, cache-iad-kcgs7200097-IAD, cache-fra-eddf8230081-FRA
referrer-policy
same-origin
last-modified
Thu, 25 Apr 2024 13:43:52 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714063020.749051,VS0,VE2
etag
"410e8c3221bdccf15da78a3a7ef8ce35"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb728c371bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 21, 0
helpers.js
www.lucirabypfizer.com/lib/scripts/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/lib/scripts/helpers.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c9c91c7b4727cc88d645fe1ec648f955d2ad67ae47d748b732bfa5fbe726c8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/lib/scripts/analytics/index.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-franklin-lib
libraryfranklinpfizer - main (release20)
x-auth-user
helix@adobe.com
content-length
1275
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200080-IAD, cache-iad-kjyo7100149-IAD, cache-fra-eddf8230127-FRA
referrer-policy
same-origin
last-modified
Thu, 25 Apr 2024 13:43:52 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714063020.854279,VS0,VE1
etag
"4899651fcdaeeef7a9600f7b2f20dcc9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb728c391bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 30, 4
tag-manager.js
www.lucirabypfizer.com/lib/scripts/ 		340 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/lib/scripts/tag-manager.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ef6ff5aad87016fe7303f0eb7decf269db1cf3d35ceec52acf6798689e2588
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/lib/scripts/adobe-launch.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-franklin-lib
libraryfranklinpfizer - main (release20)
x-auth-user
helix@adobe.com
content-length
206
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000176-IAD, cache-iad-kjyo7100049-IAD, cache-fra-eddf8230121-FRA
referrer-policy
same-origin
last-modified
Thu, 25 Apr 2024 13:43:53 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294121.439042,VS0,VE1
etag
"328e7ab1affbae82075792b0f6d5821d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb72cc731bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 31, 0
env.js
www.lucirabypfizer.com/lib/ 		716 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/lib/env.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6166c5801726215a38fe3ce626c384cb939b95c9e21b105bffa091eb1f04a142
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/lib/scripts/adobe-launch.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
referrer-policy
same-origin
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cf-ray
87b5cb72cc751bc3-FRA
x-edison-type
Adobe
x-xss-protection
1; mode=block
block-renderer.js
www.lucirabypfizer.com/lib/scripts/ 		9 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/lib/scripts/block-renderer.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8780039c11d68095d915089f6821035a2713ca541f4bdb1ffe5d01cd94b44319
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/lib/scripts/lib-franklin.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-franklin-lib
libraryfranklinpfizer - main (release20)
x-auth-user
helix@adobe.com
content-length
3064
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100137-IAD, cache-iad-kjyo7100136-IAD, cache-fra-eddf8230025-FRA
referrer-policy
same-origin
last-modified
Thu, 25 Apr 2024 13:43:52 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714063020.987884,VS0,VE3
etag
"0b079e867e5b8576ac97cadfd4d5dda4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb732cf61bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 23, 0
common-decorators.js
www.lucirabypfizer.com/lib/scripts/ 		9 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/lib/scripts/common-decorators.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
378467923cded14dd049608dcfe198984fb3be44bde17a8d3d282d812dbb8883
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/lib/scripts/lib-franklin.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-franklin-lib
libraryfranklinpfizer - main (release20)
x-auth-user
helix@adobe.com
content-length
2970
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200085-IAD, cache-iad-kcgs7200160-IAD, cache-fra-eddf8230159-FRA
referrer-policy
same-origin
last-modified
Thu, 25 Apr 2024 13:43:52 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294122.516816,VS0,VE1
etag
"26c33fadff6b76d36c123a669835511d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb732cfa1bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 21, 0
mustache-min.mjs
www.lucirabypfizer.com/lib/scripts/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/lib/scripts/mustache-min.mjs
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb805864e715facdb9053e64f1d3d1494ce9a0783189769ee9785d7cc221a4e5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/lib/scripts/block-renderer.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-franklin-lib
libraryfranklinpfizer - main (release20)
x-auth-user
helix@adobe.com
content-length
2580
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000161-IAD, cache-iad-kiad7000120-IAD, cache-fra-eddf8230151-FRA
referrer-policy
same-origin
last-modified
Thu, 25 Apr 2024 13:43:52 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294122.705854,VS0,VE2
etag
"0435f9e5c3395c8d0fcb67b1f9241e9e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb740e261bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 21, 0
core-utilities.js
www.lucirabypfizer.com/lib/scripts/ 		11 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/lib/scripts/core-utilities.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5439835475873acfe017fa3066b4f4fe40eac30292038d77eb158f3314d545f8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/lib/scripts/block-renderer.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-franklin-lib
libraryfranklinpfizer - main (release20)
x-auth-user
helix@adobe.com
content-length
3680
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200173-IAD, cache-iad-kjyo7100071-IAD, cache-fra-eddf8230131-FRA
referrer-policy
same-origin
last-modified
Thu, 25 Apr 2024 13:43:52 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714063020.207310,VS0,VE1
etag
"95e3e4dbd6668ad68ac289f9c84e8bd3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb740e271bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 21, 0
inputs.js
www.lucirabypfizer.com/lib/scripts/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lucirabypfizer.com/lib/scripts/inputs.js
Requested by
Host: www.lucirabypfizer.com
URL: https://www.lucirabypfizer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6c1e2e48f5314be676b9f1774b937b292f8d0bc18abbf76fa9417bb3cf48c2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.lucirabypfizer.com/lib/scripts/block-renderer.js
Origin
https://www.lucirabypfizer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:48:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
x-cache
MISS, HIT, HIT
x-franklin-lib
libraryfranklinpfizer - main (release20)
x-auth-user
helix@adobe.com
content-length
974
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000024-IAD, cache-iad-kiad7000059-IAD, cache-fra-eddf8230121-FRA
referrer-policy
same-origin
last-modified
Thu, 25 Apr 2024 13:43:52 GMT
x-franklin-ref
v41
server
cloudflare
x-timer
S1714294122.640166,VS0,VE2
etag
"f00f9c822e636605c1b2a4d5d3b277b0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200, must-revalidate
x-auth-state
authenticated
accept-ranges
bytes
cf-ray
87b5cb740e281bc3-FRA
x-edison-type
Adobe
x-cache-hits
0, 20, 0
placeholders.json
www.lucirabypfizer.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.lucirabypfizer.com
URL
https://www.lucirabypfizer.com/placeholders.json

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| hlx

3 Cookies

Domain/Path Name / Value
.lucirahealth.com/ Name: __cf_bm
Value: CAXqaPmJK6JlwLIJxFgF_hAGV4MA08LyOht7qByRLJw-1714294116-1.0.1.1-ZCB4YY3fjn6bTC3R7bNrLMDUUsaBIk2B3O5YEdti1UwlQAD9Nw.Irh_6C3XKT00DmLN3LAHsX5i04pXMRCfe3Q
.lucirabypfizer.com/ Name: __cf_bm
Value: krYGL_QQ545xgXNx7P9mzGYwDtVGKAPIDCG2GQlD0Ts-1714294117-1.0.1.1-8UWINQBUHJyirGcHmEAVEj7sBjxaWonewdgWn3oLkAf4UKzPC7pMF_61tdK4c5f1Jy3IpCzRhmwAOq_9QFRD7g
.lucirabypfizer.com/ Name: _cfuvid
Value: V_92dje9u5JwjfXvONJFU7VlgbzFhkYC4zBsyWs6bUc-1714294117957-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudfront.net/js/hapyak.js *.digitalpfizer.com *.force.com *.franklin.edison.pfizer *.hotjar.com *.salesforce-sites.com *.salesforce.com *.salesforceliveagent.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ api.neverbounce.com assets.adobedtm.com c.evidon.com cdn.cookielaw.org cdn.jsdelivr.net cdn.neverbounce.com/widget/dist/NeverBounce.js cdn.vev.design code.jquery.com connect.facebook.net einstein-cdn-dev.pfizer.com einstein-cdn-stage.pfizer.com einstein-cdn.pfizer.com embded.vev.page evidon.com geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run js.adsrvr.org js.adsrvr.org/ js.intercomcdn.com/ js.vev.design maps.googleapis.com player.interactivity.brightcove.com/ players.brightcove.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum/ rum.hlx.page/.rum/ t.contentsquare.net vjs.zencdn.net widget.doctor.com widget.intercom.io/ wowjs.uk www.aem.live/tools/sidekick/library/ www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.hlx.live/tools/sidekick/library/ www.youtube.com www.youtube.com/iframe_api; frame-src 'self' *.doctor.com *.fls.doubleclick.net *.force.com *.hapyak-hosted.com *.hapyak.com *.salesforce.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ fast.pfizer.demdex.net forms.office.com hapyak-assets.s3.amazonaws.com insight.adsrvr.org interactivity-uploads.s3.us-east-1.amazonaws.com/ intercom-sheets.com l3.evidon.com match.adsrvr.org pdi.doctor.com pfizer.demdex.net players.brightcove.net read.marvel.com resources.digital-cloud.medallia.eu td.doubleclick.net/ web.microsoftstream.com webfiles.digitalpfizer.com webfiles.pfizer.com www.google.com www.medtargetsystem.com/ www.youtube.com; default-src 'none'; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' blob: data: https:; connect-src 'self' *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.demdex.net *.digitalpfizer.com *.doctor.com *.force.com *.franklin.edison.pfizer *.hapyak.com *.hlx.reviews/admin/ *.hotjar.com *.hotjar.io *.salesforce-sites.com *.web.pfizer *.worker.pfizer admin.hlx.page api-iam.intercom.io api.neverbounce.com brightcove.hs.llnwd.net cdn.cookielaw.org det-ms-config-manager.s3.amazonaws.com/ directory-service.consumerism.pressganey.com directory-service.ls.consumerism.pressganey.com dpm.demdex.net edge.adobedc.net einstein-cdn-stage.pfizer.com embed.vev.page geoip-js.com geolocation.onetrust.com/ helix-pages.anywhere.run manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ pfizer.cloudflareaccess.com pfizer.sc.omtrdc.net resources.digital-cloud.medallia.eu rum.hlx.live/.rum. rum.hlx.page/.rum/ tagmanager.google.com udc-neb.kampyle.com uploads.intercomcdn.com wss: www.aem.live www.doctor.com www.google-analytics.com www.hlx.live; media-src 'self' *.media.brightcove.com blob: film.vev.design house-fastly-signed-eu-west-1-prod.brightcovecdn.com js.intercomcdn.com manifest.prod.boltdns.net secure.brightcove.com/services/mobile/streaming webfiles.digitalpfizer.com; frame-ancestors 'self' *.hapyak.com pfizer.cloudflareaccess.com pfizer.sharepoint.com; object-src 'self' players.brightcove.net; worker-src 'self' blob: unsafe-eval unsafe-inline; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lucirahealth.com
www.lucirabypfizer.com
www.lucirahealth.com
www.lucirabypfizer.com
141.193.213.10
141.193.213.11
2606:4700:4400::6812:2b43
0049a953959aeb1c1a094f30732261ef870b063ccbe7f7c331f3a758ae9ece8b
01d5ec5a428564225f91b03569f4e60f1b993aa51f8d697f269d92ebe190c05b
0b796356a6ebf2218be8fa5924b998797cede48de4fb08542f8f54eb5672b6d3
0c8de57d7664c73007319eceb31295486964b124a1877e7d57b70702ade18afc
0effbf7cf44a9c98b0fb1d3182f7ffcc40bfbed1886e1c0c9e5c00004096a8d2
140033c7c76e1282e5e71f2b616d37732f494ffde8925c7f1b6d6a80f0b261a8
160580b089cc77ec53433fb9f74f4ca3487b81349f68cc82ffa64b714b28068d
22a4a9fae3dda9624583ab4fda1686ab8399d10716e432ee1ac751febd634f8a
290578ad8da1e406c45e4f2f89e75675adc1f65ecfabb80c0d2eb0d153b5e171
2f4ff46732da968149ebe32b3624ef1a9a19d7c57312b387254052054149080d
31d4495c3ff263cd3a07d7892701227e9515cab77acc95aad902ad5f88863e5a
370df56fc10fac1269d913d1673dd3af7b8658453c92f138f7b975b9c81e2022
378467923cded14dd049608dcfe198984fb3be44bde17a8d3d282d812dbb8883
3e808f1340cc237bd29776c05bc53094cbcbd36bd40f7e3956ec30bdd492f08f
420b19c6e59398aa03c6647de7186ae112cdeda07ec05340f7799c03fe5ac3ed
43ef6ff5aad87016fe7303f0eb7decf269db1cf3d35ceec52acf6798689e2588
4e2b51c1dbaa7eae2fd6cf144371934b83819c8ca218636c29038c845d1db927
5322ce2bef488f0e3d8066319933c7f85c918cdecfcf44959aac941ff2a8c256
5439835475873acfe017fa3066b4f4fe40eac30292038d77eb158f3314d545f8
5ad424bccd490aa553ab32e78389ec5f21f48d71b99df321569bae82404fd256
6070f694c96d4a11a00edd050f5c8c1bf82704ca20654c32d8b2bbdf2ed6b445
6166c5801726215a38fe3ce626c384cb939b95c9e21b105bffa091eb1f04a142
62f10a59a5e01b0bd8662723c86f16e4c2e30c2cc7ac8ce69a55af4ccddc36db
6d5742d57c0fc7b7274d25c89f536ebc74263c0b9f09f70a0fc37f793724831a
6f4c8292b02cdce81f462c7c66a097f94f37993e5035f853bb86422ac36c86da
7303937e76b3a9ef778f71d0b9515c59d44a9be98606ee3c9bcefa4859c7fca7
76213c0fbb45943a754057944569b662281a1e1b2ae3de1f8736a9e48b41a4af
7d28e758952871eb702ca7d45463c076680729f4c95fbb24db73b01b55331436
7e51dc8142ce32d59b8310beda6169dd27b545eb859bd1182490c6424d1671a0
810019d3644c6573041ae94b76b2de4144ffc05486ca8d8be7dff5582c002c1b
83faaac823650e307ce05d3c409a1fec01736762788a206d52921ca5f912be45
8780039c11d68095d915089f6821035a2713ca541f4bdb1ffe5d01cd94b44319
87f253f3310e2b26d8b298b751dfb7b84fd679953b4ff295ce31cfc1f772bd5a
8aead331667da7e1f96a25d4d36b33beaa664ed6853ea7d55167b378e25bbfe0
94581d8a75ef0476487412a70c50c3332c7e100757d8167adc4d256a44efa3b7
95b93afcc95aca769f8158b1e5e61dc78ad69708351f82d7348a5db6e42c57f5
995259459ef188b932be39809cdeb7b4c1bfc339293b75e736bb9066db43402f
9a0da4df9ae658fc796a05c19caec49f9018c43ff1a44bb435a852e6a0e8d60c
9ea61064f0e24b67a59bf88945a84a3560c8297000f5aaf1ecbea55156a69192
a20a6ecd1490872c362cc79a4439f3d80066f11a96716f07a7a603bbbbaf1bbe
a37a9c18cfaa1105325ea688469129ffbd0c17406c756362313658c79575ef2a
a64d47591c2077380c74d5dcdd41254ff8c6f9bc431dfc2ef6c908e68f960b69
ad5142de7c879ab04b81990f648d188760e469a0771eb01b52058cdde68a95f9
b00c0f547583160453bb3117163453be4769ab130b4c3aace17e863f097250a1
c3c9c91c7b4727cc88d645fe1ec648f955d2ad67ae47d748b732bfa5fbe726c8
c945bdb7dd6878cde4077fffacdf50c5f15ef6e6e08079c69976946b67f1074c
caa21aae6dbaec93f8f36ad9965600c76dda7d613e494d0427a676abf99d3160
cc0a234fd155c98db648e3567fa7b39a5e49e935e3ba85748b5de7a677d79a6f
cd6c1e2e48f5314be676b9f1774b937b292f8d0bc18abbf76fa9417bb3cf48c2
dc0764bcd0877dbeef7682117a1fdd5320e5ac52b429e000152eb03bb73d137f
dc123fb9e514d35ddaeb6efb333f9eea6253ea3db99daf773575c5199cb5494a
de9bd70025d7862bb30c7adeccc0417e92738b2909a8f1454456dec2af1699ad
dede5fbe6ccb61f8c87c7dedb1d777e56bd3e7d057b0dc7f13420833cfd210cb
e27657b504e4460149dc78fd7f5cd3448fe877259d778be7ca0d4181588fe028
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81f8015c62b8516005a09802a8ab76183f0d14c96729ce55655acf50ebd647a
e9454a83ffa3a2ee6362003c2a2c8e7264d9c689be063f5b88c7e0d35fb04431
e9efe305abdcd0bef7aa995fd7d2c32ad861ae730f3f375f88aec9efc58fb131
ea607576e8c9430377eb0e5a8b815608ce9963b3d68902d426dfb24de2a4ee54
f41caa0d809ad8b10508e67db811fb3dc502f1bb11dc0512dd60876a510421e6
fb805864e715facdb9053e64f1d3d1494ce9a0783189769ee9785d7cc221a4e5
fd51dfab17e76daf1607e939b0a8fdc73e5b682b2d9caf7e10910e0d24538455