urlscan.io logo urlscan.io
SecurityTrails logo

portal.leicaus.com Open in urlscan Pro
4.35.2.149  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://portal.leicaus.com/
Effective URL: https://portal.leicaus.com/index.cfm
Submission: On May 21 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 4.35.2.149, located in Memphis, United States and belongs to LEVEL3, US. The main domain is portal.leicaus.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 20th 2021. Valid for: a year.
This is the only time portal.leicaus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 4.35.2.149 3356 (LEVEL3)
2 2a00:1450:400... 15169 (GOOGLE)
20 3
Apex Domain
Subdomains		 Transfer
18 leicaus.com
portal.leicaus.com
87 KB
2 google-analytics.com
ssl.google-analytics.com
17 KB
0 etrigue.com Failed
trk.etrigue.com Failed
20 3
Domain Requested by
18 portal.leicaus.com 1 redirects portal.leicaus.com
2 ssl.google-analytics.com portal.leicaus.com
0 trk.etrigue.com Failed portal.leicaus.com
20 3

This site contains links to these domains. Also see Links.

Domain
leica-geosystems.com
www.leica-geosystems.us
www.hexagon.com
Subject Issuer Validity Valid
portal.leicaus.com
Go Daddy Secure Certificate Authority - G2		 2021-05-20 -
2022-06-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://portal.leicaus.com/index.cfm
Frame ID: 80AE84A5B0EFB62D494DB32E66354B65
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://portal.leicaus.com/ HTTP 302
    https://portal.leicaus.com/index.cfm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

20
Requests

95 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

104 kB
Transfer

172 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://portal.leicaus.com/ HTTP 302
    https://portal.leicaus.com/index.cfm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.cfm
portal.leicaus.com/
Redirect Chain
  • http://portal.leicaus.com/
  • https://portal.leicaus.com/index.cfm
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5fcf3fb79354be1d1aef2e98d303f2b976236d8d543779dc18afaa7068c1af69

Request headers

Host
portal.leicaus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CFID=673565; CFTOKEN=bd09fec6efdaa6da-954EBDCB-5056-8236-9A3A14BAC1502250; JSESSIONID=07DEF585C902484C3920D43BCD59EF9A.cfusion; LEICAPORTAL_TESTCOOKIES=954EBE2D%2D5056%2D8236%2D9A29AFA1CFAF6A56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Date
Fri, 21 May 2021 12:37:32 GMT
Content-Length
3212

Redirect headers

Cache-Control
no-cache
Pragma
no-cache
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8
Location
https://portal.leicaus.com/index.cfm
Server
Microsoft-IIS/8.5
Set-Cookie
CFID=673565; Expires=Sat, 22-May-2021 12:37:32 GMT; Path=/; HttpOnly CFTOKEN=bd09fec6efdaa6da-954EBDCB-5056-8236-9A3A14BAC1502250; Expires=Sat, 22-May-2021 12:37:32 GMT; Path=/; HttpOnly JSESSIONID=07DEF585C902484C3920D43BCD59EF9A.cfusion; Path=/; HttpOnly LEICAPORTAL_TESTCOOKIES=954EBE2D%2D5056%2D8236%2D9A29AFA1CFAF6A56; Expires=Sun, 14-May-2051 12:37:32 GMT; Path=/
X-Powered-By
ASP.NET
Date
Fri, 21 May 2021 12:37:32 GMT
style_ns_v2.css
portal.leicaus.com/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.leicaus.com/css/style_ns_v2.css
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
39f5819a5b73c034d7e2a9bd956fdee10b7de0c61cc54c31335279c2f096b041

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://portal.leicaus.com/index.cfm
Cookie
CFID=673565; CFTOKEN=bd09fec6efdaa6da-954EBDCB-5056-8236-9A3A14BAC1502250; JSESSIONID=07DEF585C902484C3920D43BCD59EF9A.cfusion; LEICAPORTAL_TESTCOOKIES=954EBE2D%2D5056%2D8236%2D9A29AFA1CFAF6A56
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 May 2020 20:08:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"57e01842ab24d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3129
global.js
portal.leicaus.com/scripts/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.leicaus.com/scripts/global.js
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7a303e6e04fbfc5b17a0b7f072bb212a5fe52132255e89fd9af19384e9ea8705

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://portal.leicaus.com/index.cfm
Cookie
CFID=673565; CFTOKEN=bd09fec6efdaa6da-954EBDCB-5056-8236-9A3A14BAC1502250; JSESSIONID=07DEF585C902484C3920D43BCD59EF9A.cfusion; LEICAPORTAL_TESTCOOKIES=954EBE2D%2D5056%2D8236%2D9A29AFA1CFAF6A56
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Feb 2021 14:24:56 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"80f58c81b8ffd61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
7375
checkbox_v2.js
portal.leicaus.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.leicaus.com/scripts/checkbox_v2.js
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f6ad32c8e82dff27b6024c6056b1a1edac4312a8bfb10d476afbc24ff4025b9a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://portal.leicaus.com/index.cfm
Cookie
CFID=673565; CFTOKEN=bd09fec6efdaa6da-954EBDCB-5056-8236-9A3A14BAC1502250; JSESSIONID=07DEF585C902484C3920D43BCD59EF9A.cfusion; LEICAPORTAL_TESTCOOKIES=954EBE2D%2D5056%2D8236%2D9A29AFA1CFAF6A56
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Mar 2015 19:54:17 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"dad96dffb456d01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1016
cookieconsent.min.css
portal.leicaus.com/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.leicaus.com/css/cookieconsent.min.css
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b7772f55cfbd12db6a1dd9a9b821f1b7bfebb81e181326caee70b28c1f25eb37

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://portal.leicaus.com/index.cfm
Cookie
CFID=673565; CFTOKEN=bd09fec6efdaa6da-954EBDCB-5056-8236-9A3A14BAC1502250; JSESSIONID=07DEF585C902484C3920D43BCD59EF9A.cfusion; LEICAPORTAL_TESTCOOKIES=954EBE2D%2D5056%2D8236%2D9A29AFA1CFAF6A56
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 13:33:48 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"214e9f0b215d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1435
cookieconsent.min.js
portal.leicaus.com/scripts/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.leicaus.com/scripts/cookieconsent.min.js
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0cc856f012c278dd128d06c74df89a02cc98367b686bcb3da6e833c1f4f66874

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://portal.leicaus.com/index.cfm
Cookie
CFID=673565; CFTOKEN=bd09fec6efdaa6da-954EBDCB-5056-8236-9A3A14BAC1502250; JSESSIONID=07DEF585C902484C3920D43BCD59EF9A.cfusion; LEICAPORTAL_TESTCOOKIES=954EBE2D%2D5056%2D8236%2D9A29AFA1CFAF6A56
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 13:33:01 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"7b9ee4b115d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3859
leica_logo.gif
portal.leicaus.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.leicaus.com/images/leica_logo.gif
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
49efe37d3a52ec99365eb9f779a819e407da633be6fe83a5db56125476f9a4b4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.leicaus.com/index.cfm
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Last-Modified
Wed, 04 Mar 2015 19:32:08 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"73aa42e7b156d01:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1468
when_it_has_to_right.jpg
portal.leicaus.com/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.leicaus.com/images/when_it_has_to_right.jpg
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2ae3f729c0544d78d0502ff601988097aef8c4c28d119ba7a95625e4b8d062d5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.leicaus.com/index.cfm
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Last-Modified
Wed, 04 Mar 2015 19:32:09 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"49b6f0e7b156d01:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
20992
bar_grey.gif
portal.leicaus.com/images/ 		47 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.leicaus.com/images/bar_grey.gif
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
48affaef9f0bac9ba7c673fbf5bfdaea61b52d34a8cc9891cf1c196344401854

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.leicaus.com/index.cfm
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Last-Modified
Wed, 04 Mar 2015 19:32:07 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"4ad7cde6b156d01:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
47
bar_edge.gif
portal.leicaus.com/images/ 		67 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.leicaus.com/images/bar_edge.gif
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a9657fcbdf01517caccbb0cbea098edcc47e9474d9154b34e2cd9f7b45c2bb97

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.leicaus.com/index.cfm
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Last-Modified
Wed, 04 Mar 2015 19:32:07 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"4ad7cde6b156d01:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
67
pixel_clear.gif
portal.leicaus.com/images/ 		43 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.leicaus.com/images/pixel_clear.gif
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.leicaus.com/index.cfm
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Last-Modified
Wed, 04 Mar 2015 19:32:08 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"630a9e7b156d01:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
43
redline.gif
portal.leicaus.com/images/ 		823 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.leicaus.com/images/redline.gif
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6a89368d2177c3657fb711a13844c782f2924ccb76333cd0dc0877932e783eaf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.leicaus.com/index.cfm
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Last-Modified
Wed, 04 Mar 2015 19:32:09 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"93b9b2e7b156d01:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
823
Login.jpg
portal.leicaus.com/images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.leicaus.com/images/Login.jpg
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a1137ed140da40f36115f1d915740000a34154fb6cb9a46db2e6b0c8b0db9952

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.leicaus.com/index.cfm
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Last-Modified
Wed, 04 Mar 2015 19:32:08 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"79d149e7b156d01:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
40458
bar_red.gif
portal.leicaus.com/images/ 		47 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.leicaus.com/images/bar_red.gif
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
098886494b6e1463b0ef9d9cf9c178f420228aa4fa4b8fe3285660bc63fa8506

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.leicaus.com/index.cfm
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Last-Modified
Wed, 04 Mar 2015 19:32:07 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"4ad7cde6b156d01:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
47
bar_red_edge.gif
portal.leicaus.com/images/ 		66 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.leicaus.com/images/bar_red_edge.gif
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
35db554b5e38910acb224ad73b5cb88753d55e0e8a69b9d71e173d1958efbef0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.leicaus.com/index.cfm
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Last-Modified
Wed, 04 Mar 2015 19:32:07 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"d039d0e6b156d01:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
66
title_bar_Empty.gif
portal.leicaus.com/images/ 		167 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.leicaus.com/images/title_bar_Empty.gif
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/css/style_ns_v2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
78a25cd562986d2ac9724050d411ad7676de76b30751f2eb112d25d68266d742

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.leicaus.com/css/style_ns_v2.css
Connection
keep-alive
Referer
https://portal.leicaus.com/css/style_ns_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:33 GMT
Last-Modified
Wed, 04 Mar 2015 19:32:09 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"f22ce7e7b156d01:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
167
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.leicaus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1396
date
Fri, 21 May 2021 12:14:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 21 May 2021 14:14:17 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2021319423&utmhn=portal.leicaus.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Leica%20Geosystems%20Americas%20-%20Business%20Resource%20Portal&utmhid=1053174650&utmr=-&utmp=%2Findex.cfm&utmht=1621600653868&utmac=UA-9111543-1&utmcc=__utma%3D186678057.1984594981.1621600654.1621600654.1621600654.1%3B%2B__utmz%3D186678057.1621600654.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=961744870&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: portal.leicaus.com
URL: https://portal.leicaus.com/index.cfm
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.leicaus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 May 2021 12:37:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
etriguelive.js
trk.etrigue.com/ 		0
0
box_unchecked.gif
portal.leicaus.com/images/ 		64 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.leicaus.com/images/box_unchecked.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
4.35.2.149 Memphis, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9c85d8b874ad35f1c04720b193db02818608c00ef884a0abf335f4eac575a22e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.leicaus.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://portal.leicaus.com/index.cfm
Cookie
__utma=186678057.1984594981.1621600654.1621600654.1621600654.1; __utmc=186678057; __utmz=186678057.1621600654.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=186678057.1.10.1621600654
Connection
keep-alive
Referer
https://portal.leicaus.com/index.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 12:37:34 GMT
Last-Modified
Wed, 04 Mar 2015 19:32:07 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"c39bd2e6b156d01:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
64

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
trk.etrigue.com
URL
https://trk.etrigue.com/etriguelive.js

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| showMenu function| quickFinder function| showDesc function| fetch_object function| nullLink function| GetSelectedButton function| getCheckedValue function| CheckRadio function| GetItinerary function| GetPrint function| ChangePassword function| EditLocation function| EditManager function| AuthorizeBrowser function| SwitchPortal function| EditContactInfo function| EditContactInfo2 function| ContactInfoViewAll function| RetrieveAccountInfo function| EditEmailPreference function| EditProductPreference function| OpenMP3Player function| OpenNewPage function| OpenVideoPlayer function| ViewLoggedUsers function| OpenDropBoxLink function| EditChannelEyes function| EditItineraryPreference function| EditPDMetrics function| ViewPhases function| AddPhase function| ViewLocations function| AddLocation function| EditNewsletterGroupMembers function| ViewDevices function| AddDevice function| FindSubProduct function| AddQuoteItem function| ViewQuoteSpecialNotes function| ViewActivityNextMoves function| ViewLocationComments function| ViewLocationPhotos function| ViewProjectPhotos function| stripCrap function| CheckTradeshowForm function| CheckPackageForm function| CheckPartForm function| OpenCalendar function| OpenCalendar2 function| trimAll function| isNumeric function| Reformat function| NumberFormat function| ltrim function| rtrim function| trim function| chkdate function| LeapYear function| ExpandingWindow function| toggleLayer function| toggleForm function| toggleForm2 function| toggleDisabled function| toggleParentDisabled undefined| ns4 undefined| ie4 boolean| ns6 number| dragswitch undefined| nsx undefined| nsy undefined| nstemp function| drag_dropns function| gons function| dragns function| stopns function| drag_drop function| drag_drop2 function| initializedrag function| initializedrag2 function| GetWindowWidth function| GetWindowHeidth boolean| canDOM object| inputs string| imgFalse string| imgTrue function| init function| replaceChecks function| CheckAllNew function| checkChange string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal object| _etgq object| wpcc

5 Cookies

Domain/Path Name / Value
.portal.leicaus.com/ Name: __utmt
Value: 1
.portal.leicaus.com/ Name: __utmz
Value: 186678057.1621600654.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.portal.leicaus.com/ Name: __utmc
Value: 186678057
.portal.leicaus.com/ Name: __utmb
Value: 186678057.1.10.1621600654
.portal.leicaus.com/ Name: __utma
Value: 186678057.1984594981.1621600654.1621600654.1621600654.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

portal.leicaus.com
ssl.google-analytics.com
trk.etrigue.com
trk.etrigue.com
2a00:1450:4001:812::2008
4.35.2.149
098886494b6e1463b0ef9d9cf9c178f420228aa4fa4b8fe3285660bc63fa8506
0cc856f012c278dd128d06c74df89a02cc98367b686bcb3da6e833c1f4f66874
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2ae3f729c0544d78d0502ff601988097aef8c4c28d119ba7a95625e4b8d062d5
35db554b5e38910acb224ad73b5cb88753d55e0e8a69b9d71e173d1958efbef0
39f5819a5b73c034d7e2a9bd956fdee10b7de0c61cc54c31335279c2f096b041
48affaef9f0bac9ba7c673fbf5bfdaea61b52d34a8cc9891cf1c196344401854
49efe37d3a52ec99365eb9f779a819e407da633be6fe83a5db56125476f9a4b4
5fcf3fb79354be1d1aef2e98d303f2b976236d8d543779dc18afaa7068c1af69
6a89368d2177c3657fb711a13844c782f2924ccb76333cd0dc0877932e783eaf
78a25cd562986d2ac9724050d411ad7676de76b30751f2eb112d25d68266d742
7a303e6e04fbfc5b17a0b7f072bb212a5fe52132255e89fd9af19384e9ea8705
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9c85d8b874ad35f1c04720b193db02818608c00ef884a0abf335f4eac575a22e
a1137ed140da40f36115f1d915740000a34154fb6cb9a46db2e6b0c8b0db9952
a9657fcbdf01517caccbb0cbea098edcc47e9474d9154b34e2cd9f7b45c2bb97
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7772f55cfbd12db6a1dd9a9b821f1b7bfebb81e181326caee70b28c1f25eb37
f6ad32c8e82dff27b6024c6056b1a1edac4312a8bfb10d476afbc24ff4025b9a