urlscan.io logo urlscan.io
SecurityTrails logo

www.xtandipricing.com Open in urlscan Pro
20.40.202.0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aboutblaw.com/baVG
Effective URL: https://www.xtandipricing.com/
Submission: On October 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 29 HTTP transactions. The main IP is 20.40.202.0, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.xtandipricing.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 27th 2023. Valid for: a year.
This is the only time www.xtandipricing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:9000:2240:5600:10:6f26:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
aboutblaw.com
12    20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.xtandipricing.com
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
9914507.fls.doubleclick.net
12947397.fls.doubleclick.net
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
Apex Domain
Subdomains		 Transfer
12 xtandipricing.com
www.xtandipricing.com
882 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
4 doubleclick.net
9914507.fls.doubleclick.net
12947397.fls.doubleclick.net
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
227 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 118
798 B
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1808
insight.adsrvr.org — Cisco Umbrella Rank: 665
3 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 13042
515 B
1 aboutblaw.com
aboutblaw.com
657 B
29 8
Domain Requested by
12 www.xtandipricing.com www.xtandipricing.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com www.xtandipricing.com
www.googletagmanager.com
2 12947397.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 adservice.google.com 9914507.fls.doubleclick.net
12947397.fls.doubleclick.net
2 9914507.fls.doubleclick.net 1 redirects www.googletagmanager.com
1 insight.adsrvr.org js.adsrvr.org
1 adservice.google.de adservice.google.com
1 region1.google-analytics.com www.googletagmanager.com
1 js.adsrvr.org www.googletagmanager.com
1 aboutblaw.com
29 11

This site contains links to these domains. Also see Links.

Domain
www.xtandi.com
www.astellas.com
www.pfizer.com
Subject Issuer Validity Valid
aboutbtax.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-14 -
2024-09-17		 a year crt.sh
xtandipricing.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2024-08-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.xtandipricing.com/
Frame ID: B54D322754ED2D2113D11B598A6F5F6E
Requests: 23 HTTP requests in this frame

Frame: https://9914507.fls.doubleclick.net/activityi;dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F
Frame ID: 806040707C27B80EF8B6D1F2A8BD0659
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F
Frame ID: 0E2E9599DC44BAD2CC79C16DE7E96F8F
Requests: 1 HTTP requests in this frame

Frame: https://12947397.fls.doubleclick.net/activityi;dc_pre=CL6B1Mbj8oEDFRwLogMdg7oATA;src=12947397;type=xtand0;cat=astel00j;ord=3928557263453;auiddc=1062112502.1697191640;gtm=45fe3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F
Frame ID: 3E10E095B3338DC602897E9982023A92
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F
Frame ID: B88651A84F3A3F0A6F5645FE8EEB2820
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=yxkw1uq&ref=https%3A%2F%2Fwww.xtandipricing.com%2F&upid=m98m35p&upv=1.1.0
Frame ID: EBAF11C688478AC42B5E96C39FF23883
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

XTANDI® (enzalutamide) Pricing Information

Page URL History Show full URLs

  1. https://aboutblaw.com/baVG Page URL
  2. https://www.xtandipricing.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

100 %
HTTPS

60 %
IPv6

8
Domains

11
Subdomains

10
IPs

2
Countries

1136 kB
Transfer

1609 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aboutblaw.com/baVG Page URL
  2. https://www.xtandipricing.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://9914507.fls.doubleclick.net/activityi;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F HTTP 302
  • https://9914507.fls.doubleclick.net/activityi;dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F
Request Chain 21
  • https://12947397.fls.doubleclick.net/activityi;src=12947397;type=xtand0;cat=astel00j;ord=3928557263453;auiddc=1062112502.1697191640;gtm=45fe3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F HTTP 302
  • https://12947397.fls.doubleclick.net/activityi;dc_pre=CL6B1Mbj8oEDFRwLogMdg7oATA;src=12947397;type=xtand0;cat=astel00j;ord=3928557263453;auiddc=1062112502.1697191640;gtm=45fe3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
baVG
aboutblaw.com/ 		118 B
657 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aboutblaw.com/baVG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:5600:10:6f26:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
202d9d0309f420f4dcf48e1038d25dce0d71d7bf7e7a73eea844d77e3054445f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
118
content-type
text/html
date
Fri, 13 Oct 2023 10:07:19 GMT
etag
"fb09553c4b67a53c6b7a41c96a3448e7"
last-modified
Wed, 11 Oct 2023 17:24:57 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-id
Z63y_EYdO9EICgHU-T7aHIP_NW2U8TXrvlL5pNOU4kn5tafn59amEA==
x-amz-cf-pop
FRA60-P1
x-amz-id-2
bOT/LbNE33K4/d/2IzIBT/RKHuXLi4bnUy+zplylRAtuUf3e9KNCDxnsybAfBw9Xg0r4zUBEdDI=
x-amz-replication-status
COMPLETED
x-amz-request-id
E87D7TXQJGQ5Z0M9
x-amz-server-side-encryption
AES256
x-amz-version-id
56q2We1UTuRYr7kfDAO.umyhwU81BjH7
x-cache
RefreshHit from cloudfront
Primary Request /
www.xtandipricing.com/ 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xtandipricing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4210c4aa5ad14ba2eedb8ccc6ddef360522f399cbf72e485541c6b90309332b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://aboutblaw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
6877
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Oct 2023 10:07:19 GMT
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
Vary
Accept-Encoding
X-Powered-By
ASP.NET
style.css
www.xtandipricing.com/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtandipricing.com/css/style.css
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
607db63ca607498201587c0bf1e32b886bed26811b111c149408d32a9131d1eb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 10:07:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Tue, 02 May 2023 17:39:26 GMT
Server
Microsoft-IIS/10.0
ETag
"1d97d1d0a08c18a"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4882
xtandi-logo.png
www.xtandipricing.com/img/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtandipricing.com/img/xtandi-logo.png
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
361a9dbbd9e72f05f847a4170e61014615fe8e373a1165ecefa753585b42b5c3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 10:07:19 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Tue, 02 May 2023 17:39:26 GMT
Server
Microsoft-IIS/10.0
ETag
"1d97d1d0a08e890"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
29584
chevron.png
www.xtandipricing.com/img/ 		871 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtandipricing.com/img/chevron.png
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b46a2aa7fc5c917becc01f8e0cf0224d5743ceb33ecd399b34ee0928f8d3ba84
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 10:07:19 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Tue, 02 May 2023 17:39:26 GMT
Server
Microsoft-IIS/10.0
ETag
"1d97d1d0a089867"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
871
copay-card.png
www.xtandipricing.com/img/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtandipricing.com/img/copay-card.png
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
342e6c5f373ffc9c50a0dc65f409290711afc6defbf1c6c87a81f8d969f4a522
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 10:07:19 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Tue, 02 May 2023 17:39:26 GMT
Server
Microsoft-IIS/10.0
ETag
"1d97d1d0a0999be"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
66238
xtandi-solutions-logo.png
www.xtandipricing.com/img/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtandipricing.com/img/xtandi-solutions-logo.png
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f094e877ceed892fb1fe637c1643f3050363d13b9e19a9137c59942f5f305e76
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 10:07:19 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Tue, 02 May 2023 17:39:26 GMT
Server
Microsoft-IIS/10.0
ETag
"1d97d1d0a09a144"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
80452
astellas-logo.png
www.xtandipricing.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtandipricing.com/img/astellas-logo.png
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ee5c59c4d662d943b5ca21b1b1432eb55b10162491cc21f4bd74a2bf1746370c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 10:07:19 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Tue, 02 May 2023 17:39:26 GMT
Server
Microsoft-IIS/10.0
ETag
"1d97d1d0a08971e"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3102
pfizer-logo.png
www.xtandipricing.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtandipricing.com/img/pfizer-logo.png
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b65459ce7dd6c3a8437c538161cd2e832a0b20634ecb038c89ac369d568fd12
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 10:07:19 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Tue, 02 May 2023 17:39:26 GMT
Server
Microsoft-IIS/10.0
ETag
"1d97d1d0a089500"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3584
script.js
www.xtandipricing.com/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtandipricing.com/js/script.js
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d7d22de4aa0ea903c3a639108536aab282650dc14c9f16606931ab76dd89f870
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 10:07:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Tue, 02 May 2023 17:39:26 GMT
Server
Microsoft-IIS/10.0
ETag
"1d97d1d0a0895a0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
795
gtm.js
www.googletagmanager.com/ 		254 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSNL7V8
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a8fb7ae0ea764603398d06fb1625bb7032bf218710e732af5a68f3d065a1caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 10:07:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90293
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Oct 2023 10:07:19 GMT
Whitney-Bold.otf
www.xtandipricing.com/css/assets/fonts/Whitney/ 		233 KB
233 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xtandipricing.com/css/assets/fonts/Whitney/Whitney-Bold.otf
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
afc6552f5a1de82ff9f1b18ea4d5821ed2e52fb0f319a900a26165f2229b9562
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.xtandipricing.com/css/style.css
Origin
https://www.xtandipricing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 10:07:19 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Tue, 02 May 2023 17:39:26 GMT
Server
Microsoft-IIS/10.0
ETag
"1d97d1d0a0b3f10"
X-Powered-By
ASP.NET
Content-Type
font/otf
Accept-Ranges
bytes
Content-Length
238608
Whitney-Medium.otf
www.xtandipricing.com/css/assets/fonts/Whitney/ 		223 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xtandipricing.com/css/assets/fonts/Whitney/Whitney-Medium.otf
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6462d3011d9090607dacc6e953dd8d34494ff714ff0c8cf846e2f05419126283
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.xtandipricing.com/css/style.css
Origin
https://www.xtandipricing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 10:07:19 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Tue, 02 May 2023 17:39:26 GMT
Server
Microsoft-IIS/10.0
ETag
"1d97d1d0a0be0f0"
X-Powered-By
ASP.NET
Content-Type
font/otf
Accept-Ranges
bytes
Content-Length
228336
Whitney-SemiBold.otf
www.xtandipricing.com/css/assets/fonts/Whitney/ 		230 KB
231 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xtandipricing.com/css/assets/fonts/Whitney/Whitney-SemiBold.otf
Requested by
Host: www.xtandipricing.com
URL: https://www.xtandipricing.com/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f107a4c66cec406d8dd7bc17778f8bbcf9705883a9c8c9b5e402fa7bdd524e7f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.xtandipricing.com/css/style.css
Origin
https://www.xtandipricing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 10:07:19 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Tue, 02 May 2023 17:39:26 GMT
Server
Microsoft-IIS/10.0
ETag
"1d97d1d0a0b0260"
X-Powered-By
ASP.NET
Content-Type
font/otf
Accept-Ranges
bytes
Content-Length
235872
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSNL7V8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 09:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1057
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 13 Oct 2023 11:49:42 GMT
activityi;dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~o...
9914507.fls.doubleclick.net/ Frame 8060
Redirect Chain
  • https://9914507.fls.doubleclick.net/activityi;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;...
  • https://9914507.fls.doubleclick.net/activityi;dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uam...
544 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9914507.fls.doubleclick.net/activityi;dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSNL7V8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
b2eaee2edb9040dc8ba5f28b4c3c070985a26e4ee9d54fb6bf63beec2f272139
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtandipricing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
304
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 10:07:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 10:07:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9914507.fls.doubleclick.net/activityi;dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSNL7V8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 03:51:17 GMT
Content-Encoding
gzip
Via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
22563
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
R46nn59Cry-jBPny0w7C3FkIoUmC2iFArTv1aoD97bCioiTjmL_FIQ==
js
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ET8V0YFX44&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSNL7V8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db11d7c2f6045d8e8839cc15982c0ed9713025834cfeaa2f8d66cbe2a2ac2273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 10:07:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75045
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Oct 2023 10:07:19 GMT
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ET8V0YFX44&gtm=45je3ab0&_p=2128780217&cid=1107798983.1697191640&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697191639&sct=1&seg=0&dl=https%3A%2F%2Fwww.xtandipricing.com%2F&dr=https%3A%2F%2Faboutblaw.com%2F&dt=XTANDI%C2%AE%E2%80%80(enzalutamide)%20Pricing%20Information&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ET8V0YFX44&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 10:07:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xtandipricing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2128780217&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xtandipricing.com%2F&dr=https%3A%2F%2Faboutblaw.com%2F&ul=en-us&de=UTF-8&dt=XTANDI%C2%AE%E2%80%80(enzalutamide)%20Pricing%20Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1681931710&gjid=488848762&cid=1107798983.1697191640&tid=UA-51669964-36&_gid=1304958461.1697191640&_r=1&_slc=1&gtm=45He3ab0n81MSNL7V8&z=159096157
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xtandipricing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 10:07:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xtandipricing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%...
adservice.google.com/ddm/fls/i/ Frame 0E2E 		543 B
680 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F
Requested by
Host: 9914507.fls.doubleclick.net
URL: https://9914507.fls.doubleclick.net/activityi;dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e529e61ff5258b61992503d497be7a4b926d70d604a757c977d8e84e6b5e303a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9914507.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
305
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 10:07:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		178 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-12947397
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSNL7V8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b2745707aa3a2929631017b6e34df05bd7bdd273e61cc1a0dd9d0ebe571a126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 10:07:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66491
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Oct 2023 10:07:20 GMT
activityi;dc_pre=CL6B1Mbj8oEDFRwLogMdg7oATA;src=12947397;type=xtand0;cat=astel00j;ord=3928557263453;auiddc=1062112502.1697191640;gtm=45fe3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~...
12947397.fls.doubleclick.net/ Frame 3E10
Redirect Chain
  • https://12947397.fls.doubleclick.net/activityi;src=12947397;type=xtand0;cat=astel00j;ord=3928557263453;auiddc=1062112502.1697191640;gtm=45fe3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=...
  • https://12947397.fls.doubleclick.net/activityi;dc_pre=CL6B1Mbj8oEDFRwLogMdg7oATA;src=12947397;type=xtand0;cat=astel00j;ord=3928557263453;auiddc=1062112502.1697191640;gtm=45fe3ab0;uaa=;uab=;uafvl=;u...
456 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12947397.fls.doubleclick.net/activityi;dc_pre=CL6B1Mbj8oEDFRwLogMdg7oATA;src=12947397;type=xtand0;cat=astel00j;ord=3928557263453;auiddc=1062112502.1697191640;gtm=45fe3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12947397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
7ada462a03f821c1692a2ad96bed768bc60eb3a48705a842b7649b136c58567e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtandipricing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
265
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 10:07:20 GMT
expires
Fri, 13 Oct 2023 10:07:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 10:07:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12947397.fls.doubleclick.net/activityi;dc_pre=CL6B1Mbj8oEDFRwLogMdg7oATA;src=12947397;type=xtand0;cat=astel00j;ord=3928557263453;auiddc=1062112502.1697191640;gtm=45fe3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%...
adservice.google.de/ddm/fls/i/ Frame B886 		194 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO_Ovcbj8oEDFYgNogMdHbMLqw;src=9914507;type=xtand0;cat=astel00c;ord=6155429739301;auiddc=1062112502.1697191640;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 10:07:20 GMT
expires
Fri, 13 Oct 2023 10:07:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CL6B1Mbj8oEDFRwLogMdg7oATA;src=12947397;type=xtand0;cat=astel00j;ord=3928557263453;auiddc=*;gtm=45fe3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandip...
adservice.google.com/ddm/fls/z/ Frame 3E10 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CL6B1Mbj8oEDFRwLogMdg7oATA;src=12947397;type=xtand0;cat=astel00j;ord=3928557263453;auiddc=*;gtm=45fe3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F
Requested by
Host: 12947397.fls.doubleclick.net
URL: https://12947397.fls.doubleclick.net/activityi;dc_pre=CL6B1Mbj8oEDFRwLogMdg7oATA;src=12947397;type=xtand0;cat=astel00j;ord=3928557263453;auiddc=1062112502.1697191640;gtm=45fe3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.xtandipricing.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12947397.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 10:07:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame EBAF 		0
60 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=yxkw1uq&ref=https%3A%2F%2Fwww.xtandipricing.com%2F&upid=m98m35p&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xtandipricing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Fri, 13 Oct 2023 10:07:20 GMT
server
Kestrel
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2128780217&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xtandipricing.com%2F&dr=https%3A%2F%2Faboutblaw.com%2F&ul=en-us&de=UTF-8&dt=XTANDI%C2%AE%E2%80%80(enzalutamide)%20Pricing%20Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=10%25&el=%2F&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1107798983.1697191640&tid=UA-51669964-36&_gid=1304958461.1697191640&gtm=45He3ab0n81MSNL7V8&z=1384432187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 13:19:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74894
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2128780217&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xtandipricing.com%2F&dr=https%3A%2F%2Faboutblaw.com%2F&ul=en-us&de=UTF-8&dt=XTANDI%C2%AE%E2%80%80(enzalutamide)%20Pricing%20Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=%2F&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1107798983.1697191640&tid=UA-51669964-36&_gid=1304958461.1697191640&gtm=45He3ab0n81MSNL7V8&z=780580188
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 13:19:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74894
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2128780217&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.xtandipricing.com%2F&dr=https%3A%2F%2Faboutblaw.com%2F&ul=en-us&de=UTF-8&dt=XTANDI%C2%AE%E2%80%80(enzalutamide)%20Pricing%20Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=50%25&el=%2F&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1107798983.1697191640&tid=UA-51669964-36&_gid=1304958461.1697191640&gtm=45He3ab0n81MSNL7V8&z=977158875
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtandipricing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 13:19:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74894
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal function| ttd_dom_ready function| TTDUniversalPixelApi object| gaplugins object| gaData function| expandMedical function| expandCommercial function| expandUninsured function| gtag

8 Cookies

Domain/Path Name / Value
.www.xtandipricing.com/ Name: ARRAffinity
Value: bbd6ead7a2eaf263a28f8fdcf38a3928d7e8a83d85fb04c5a70f09d82383c0f0
.www.xtandipricing.com/ Name: ARRAffinitySameSite
Value: bbd6ead7a2eaf263a28f8fdcf38a3928d7e8a83d85fb04c5a70f09d82383c0f0
.xtandipricing.com/ Name: _gcl_au
Value: 1.1.1062112502.1697191640
.xtandipricing.com/ Name: _ga
Value: GA1.2.1107798983.1697191640
.xtandipricing.com/ Name: _gid
Value: GA1.2.1304958461.1697191640
.xtandipricing.com/ Name: _gat_UA-51669964-36
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnY6wmjryyJjaOb_rVYqtd6HC-j98m9baECMoGuOtDJ1NFtZ5Ot-WV6VV8polI
.xtandipricing.com/ Name: _ga_ET8V0YFX44
Value: GS1.1.1697191639.1.0.1697191640.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12947397.fls.doubleclick.net
9914507.fls.doubleclick.net
aboutblaw.com
adservice.google.com
adservice.google.de
insight.adsrvr.org
js.adsrvr.org
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
www.xtandipricing.com
108.138.15.119
142.250.186.70
15.197.193.217
20.40.202.0
2001:4860:4802:34::36
2600:9000:2240:5600:10:6f26:8380:93a1
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a00:1450:4001:82b::2002
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
1b65459ce7dd6c3a8437c538161cd2e832a0b20634ecb038c89ac369d568fd12
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
202d9d0309f420f4dcf48e1038d25dce0d71d7bf7e7a73eea844d77e3054445f
2a8fb7ae0ea764603398d06fb1625bb7032bf218710e732af5a68f3d065a1caa
342e6c5f373ffc9c50a0dc65f409290711afc6defbf1c6c87a81f8d969f4a522
361a9dbbd9e72f05f847a4170e61014615fe8e373a1165ecefa753585b42b5c3
607db63ca607498201587c0bf1e32b886bed26811b111c149408d32a9131d1eb
6462d3011d9090607dacc6e953dd8d34494ff714ff0c8cf846e2f05419126283
6b2745707aa3a2929631017b6e34df05bd7bdd273e61cc1a0dd9d0ebe571a126
7ada462a03f821c1692a2ad96bed768bc60eb3a48705a842b7649b136c58567e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
afc6552f5a1de82ff9f1b18ea4d5821ed2e52fb0f319a900a26165f2229b9562
b2eaee2edb9040dc8ba5f28b4c3c070985a26e4ee9d54fb6bf63beec2f272139
b46a2aa7fc5c917becc01f8e0cf0224d5743ceb33ecd399b34ee0928f8d3ba84
d7d22de4aa0ea903c3a639108536aab282650dc14c9f16606931ab76dd89f870
db11d7c2f6045d8e8839cc15982c0ed9713025834cfeaa2f8d66cbe2a2ac2273
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4210c4aa5ad14ba2eedb8ccc6ddef360522f399cbf72e485541c6b90309332b
e529e61ff5258b61992503d497be7a4b926d70d604a757c977d8e84e6b5e303a
ee5c59c4d662d943b5ca21b1b1432eb55b10162491cc21f4bd74a2bf1746370c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f094e877ceed892fb1fe637c1643f3050363d13b9e19a9137c59942f5f305e76
f107a4c66cec406d8dd7bc17778f8bbcf9705883a9c8c9b5e402fa7bdd524e7f