| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| X-Drupal-Dynamic-Cache | UNCACHEABLE (poor cacheability) |
| Vary | Cookie,Accept-Encoding |
| Strict-Transport-Security | max-age=31536000 |
| Last-Modified | Fri, 18 Apr 2025 16:23:25 GMT |
| Cf-Cache-Status | HIT |
| Content-Type | text/html; charset=UTF-8 |
| Connection | keep-alive |
| Content-Language | en |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| Server | cloudflare |
| X-Drupal-Cache | HIT |
| Age | 23478 |
| Cf-Ray | 9327d6a20859fe93-AMS |
| Date | Fri, 18 Apr 2025 23:10:56 GMT |
| Cache-Control | max-age=21600, public |
| Expires | Sun, 19 Nov 1978 05:00:00 GMT |
| Content-Security-Policy | child-src 'self'; connect-src 'self' blob: wss: *.akafms.net *.akamaihd.net *.brightcove.com *.brightcove.net *.brightcovecdn.com *.contentsquare.net *.decibel.com *.decibelinsight.net *.demdex.net *.digitalpfizer.com *.evidon.com *.hapyak.com *.hotjar.com *.hotjar.io *.llnw.net *.llnwd.net *.pfizer.com acsbapp.com adservice.google.com bam-cell.nr-data.net bam.nr-data.net c.az.contentsquare.net/v2 cdn.acsbapp.com cdn.cookielaw.org cdn.di-capt.com d2qrdklrsxowl2.cloudfront.net dpm.demdex.net edge.adobedc.net geolocation.onetrust.com/ house-cloudfront.ap-northeast-1.prod.boltdns.net house-cloudfront.ap-southeast-1.prod.boltdns.net house-cloudfront.ap-southeast-2.prod.boltdns.net house-cloudfront.eu-west-1.prod.boltdns.net house-cloudfront.us-east-1.prod.boltdns.net interactive-private.digitalpfizer.com interactive-protected.digitalpfizer.com interactive.digitalpfizer.com interactivemanager.pfizer.com js-agent.newrelic.com knrpc.olark.com/nrpc l.betrad.com l.contentsquare.net manifest.prod.boltdns.net maps.googleapis.com pfizer-privacy.my.onetrust.com/ sitecatalyst.omniture.com/sc15/activitymap stats.addtoany.com/menu stats.g.doubleclick.net tagmanager.google.com uploads.interactivity.brightcove.com web1.acsbapp.com www.facebook.com www.google-analytics.com https://m.addthis.com https://www.facebook.com https://*.conductrics.com https://*.s3.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://www.youtube.com/iframe_api https://svc.webspellchecker.net https://*.pfizer.com https://readyforcures.quorum.us https://quorum-media.s3.amazonaws.com https://pfizer.sc.omtrdc.net https://*.qualtrics.com https://*.siteintercept.qualtrics.com https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://*.pfizersite.io https://www.pfizerclinicaltrials.com https://pfizer.cloudflareaccess.com/* https://cdn.linkedin.oribi.io/partner/1189948 https://pagead2.googlesyndication.com/pagead/buyside_topics/set/ https://cdn.linkedin.oribi.io https://dokumfe7mps0i.cloudfront.net https://olivia.paradox.ai https://cdn.cookielaw.org https://px.ads.linkedin.com https://pfizer.com/cdn-cgi/trace https://www.pfizer.com/cdn-cgi/trace https://www.google.com https://googleads.g.doubleclick.net https://cdn.decibelinsight.net/i/14167/2135292/di.js https://cdn.decibelinsight.net https://collection.decibelinsight.net https://portal.decibel.com https://widget.decibelinsight.net; font-src 'self' data: https:; frame-src 'self' tel: *.decibel.com *.decibelinsight.net *.digitalpfizer.com *.fls.doubleclick.net *.force.com *.hapyak.com *.janrainsso.com *.pfizer.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/ bid.g.doubleclick.net cdn.di-capt.com d2qrdklrsxowl2.cloudfront.net interactive-private.digitalpfizer.com interactive-protected.digitalpfizer.com interactive.digitalpfizer.com interactivemanager.pfizer.com interactivity-uploads.s3.us-east-1.amazonaws.com/ l3.evidon.com maps.googleapis.com player.interactivity.brightcove.com players.brightcove.net resources.interactivity.brightcove.com static.addtoany.com static.olark.com td.doubleclick.net/ tpc.googlesyndication.com uploads.interactivity.brightcove.com vars.hotjar.com www.facebook.com www.google.com/maps www.google.com/recaptcha www.googletagmanager.com www.medtargetsystem.com/ www.youtube.com https://s7.addthis.com https://twitter.com https://*.twitter.com https://www.hapyak.com https://*.simplecast.com https://p2a.co https://*.pfizer.com https://*.s3.amazonaws.com/ https://www.medrespond-pfra.com https://docs.google.com/ https://*.adsrvr.org https://www.shaa.it https://readyforcures.quorum.us https://*.qualtrics.com https://*.siteintercept.qualtrics.com https://pfizer.demdex.net/ https://forms.office.com https://www.google.com https://pollev-embeds.com/ https://webbuilder.pfizer https://td.doubleclick.net/ https://insight.adsrvr.org/ https://a-pfizer-test.vev.site; img-src 'self' about: blob: data: https: https://sva-ibfw-portal.pfizer.com:6082/php/uid.php; manifest-src 'self' https://pfizer.cloudflareaccess.com; media-src 'self' blob: data: *.akafms.net *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.llnw.net *.llnwd.net *.media.brightcove.com secure.brightcove.com/services/mobile/streaming static.olark.com https://*.s3.amazonaws.com https://*.pfizer.com https://*.brightcove.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.cloudflare.com/cdn-cgi/scripts *.decibel.com *.decibelinsight.net *.digitalpfizer.com *.dotomi.com *.force.com *.hotjar.com *.janrain.com *.janraincapture.com *.janrainsso.com *.salesforce.com *.salesforceliveagent.com acsbapp.com activitymap.adobe.com/sc15/activitymap/ aim-tag.hcn.health/js/ ajax.cloudflare.com ajax.googleapis.com ajax.googleapis.com/ajax/libs/webfont/* api.olark.com app.contentsquare.com assets.adobedtm.com bam.nr-data.net c.evidon.com cdn.cookielaw.org cdn.di-capt.com cdnjs.cloudflare.com connect.facebook.net d1v9u0bgi1uimx.cloudfront.net d29usylhdk1xyu.cloudfront.net d2qrdklrsxowl2.cloudfront.net d7v0k4dt27zlp.cloudfront.net/assets geolocation.onetrust.com/ googleads.g.doubleclick.net interactive-private.digitalpfizer.com interactive-protected.digitalpfizer.com interactive.digitalpfizer.com interactivemanager.pfizer.com js-agent.newrelic.com js.bizographics.com knrpc.olark.com/nrpc l.betrad.com l.evidon.com maps.googleapis.com optoutapi.evidon.com p.adsymptotic.com pfizer-grv-eu.janraincapture.com player.interactivity.brightcove.com/ players.brightcove.net px.ads.linkedin.com rpxnow.com/load s3-eu-west-1.amazonaws.com s3.amazonaws.com/pfe_grv s3.amazonaws.com/pfe_im sjs.bizographics.com static.addtoany.com static.cloudflareinsights.com static.olark.com t.contentsquare.net tagmanager.google.com tpc.googlesyndication.com vjs.zencdn.net www.bizographics.com www.google-analytics.com www.google.com/recaptcha www.google.com/search www.googleadservices.com www.googletagmanager.com www.gstatic.com/recaptcha www.linkedin.com https://cdn.cookielaw.org https://dokumfe7mps0i.cloudfront.net https://cdn.jsdelivr.net https://*.addthis.com/ https://z.moatads.com https://v1.addthisedge.com https://*.twitter.com https://static.ads-twitter.com/uwt.js https://cdn.syndication.twimg.com https://p2a.co https://www.youtube.com/ https://*.pfizer.com https://s.ytimg.com https://*.outbrain.com https://snap.licdn.com https://app.icontact.com https://d2qrdklrsxowl2.cloudfront.net https://*.s3.amazonaws.com https://js.adsrvr.org https://svc.webspellchecker.net https://bam-cell.nr-data.net https://*.taboola.com https://analytics.newscred.com https://analytics.welcomesoftware.com https://readyforcures.quorum.us https://*.qualtrics.com https://*.siteintercept.qualtrics.com https://static.ads-twitter.com/ https://m.addthis.com/ https://www.gstatic.com https://webbuilder.pfizer https://olivia.paradox.ai https://embed.vev.page https://cdn.vev.design https://js.vev.design https://cdn.decibelinsight.net/i/14167/2135292/di.js https://cdn.decibelinsight.net https://collection.decibelinsight.net https://portal.decibel.com https://widget.decibelinsight.net cdn-v3.conductrics.com cdn.jsdelivr.net https://assets.adobedtm.com https://cdn.ckeditor.com https://cdnjs.cloudflare.com https://code.jquery.com https://maxcdn.bootstrapcdn.com https://pkg-cdn.digitalpfizer.com https://unpkg.com https://www.google.com; style-src 'self' 'unsafe-inline' https: cdnjs.cloudflare.com fonts.googleapis.com; worker-src 'self' blob:; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce |
| X-Edison-Type | Custom |
| Set-Cookie | __cfruid=a76b78301565abbefaab368e54c6b6d8366bc244-1745017856; path=/; domain=.pfizer.com; HttpOnly; Secure; SameSite=None |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar