autodiscover.vm948.fcomet.com
Open in
urlscan Pro
104.237.143.208
Public Scan
Submission: On January 14 via api from US — Scanned from IS
Summary
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on January 6th 2024. Valid for: a year.
This is the only time autodiscover.vm948.fcomet.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 104.237.143.208 104.237.143.208 | 63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud) | |
1 | 172.217.18.8 172.217.18.8 | 15169 (GOOGLE) (GOOGLE) | |
1 | 151.101.194.132 151.101.194.132 | 54113 (FASTLY) (FASTLY) | |
2 | 142.250.181.234 142.250.181.234 | 15169 (GOOGLE) (GOOGLE) | |
3 | 150.171.29.10 150.171.29.10 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 13.107.253.45 13.107.253.45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 142.250.185.110 142.250.185.110 | 15169 (GOOGLE) (GOOGLE) | |
1 | 173.194.76.155 173.194.76.155 | 15169 (GOOGLE) (GOOGLE) | |
1 | 216.58.206.34 216.58.206.34 | 15169 (GOOGLE) (GOOGLE) | |
3 | 4.153.129.168 4.153.129.168 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 2 | 13.74.129.1 13.74.129.1 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 204.79.197.237 204.79.197.237 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
29 | 11 |
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: web.govdirections.com
autodiscover.vm948.fcomet.com |
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
ajax.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
analytics.google.com |
ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net
stats.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
td.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
fcomet.com
autodiscover.vm948.fcomet.com |
477 KB |
8 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 625 b.clarity.ms — Cisco Umbrella Rank: 8098 c.clarity.ms — Cisco Umbrella Rank: 1269 |
33 KB |
4 |
bing.com
1 redirects
bat.bing.com — Cisco Umbrella Rank: 359 c.bing.com — Cisco Umbrella Rank: 205 |
17 KB |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 |
554 B |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415 |
33 KB |
1 |
google.com
analytics.google.com — Cisco Umbrella Rank: 142 |
|
1 |
acuityscheduling.com
embed.acuityscheduling.com — Cisco Umbrella Rank: 122961 |
5 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
134 KB |
29 | 8 |
Domain | Requested by | |
---|---|---|
12 | autodiscover.vm948.fcomet.com |
autodiscover.vm948.fcomet.com
|
3 | b.clarity.ms |
www.clarity.ms
|
3 | www.clarity.ms |
autodiscover.vm948.fcomet.com
bat.bing.com www.clarity.ms |
3 | bat.bing.com |
autodiscover.vm948.fcomet.com
bat.bing.com |
2 | c.clarity.ms | 1 redirects |
2 | ajax.googleapis.com |
autodiscover.vm948.fcomet.com
|
1 | c.bing.com | 1 redirects |
1 | td.doubleclick.net |
www.googletagmanager.com
|
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | analytics.google.com |
www.googletagmanager.com
|
1 | embed.acuityscheduling.com |
autodiscover.vm948.fcomet.com
|
1 | www.googletagmanager.com |
autodiscover.vm948.fcomet.com
|
29 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
govdirections.com |
www.govadvice.com |
apps.apple.com |
play.google.com |
govdirections-llc-1.getrewardful.com |
app.acuityscheduling.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.govdirections.com RapidSSL TLS RSA CA G1 |
2024-01-06 - 2025-01-25 |
a year | crt.sh |
*.google-analytics.com WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
acuityscheduling.com GlobalSign Atlas R3 DV TLS CA 2024 Q3 |
2024-07-21 - 2025-08-22 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
www.bing.com Microsoft Azure RSA TLS Issuing CA 08 |
2024-12-15 - 2025-06-13 |
6 months | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2024-09-04 - 2025-09-04 |
a year | crt.sh |
*.google.com WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
*.g.doubleclick.net WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
*.doubleclick.net WR2 |
2024-12-09 - 2025-03-03 |
3 months | crt.sh |
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08 |
2024-06-23 - 2025-06-18 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://autodiscover.vm948.fcomet.com/
Frame ID: FB4CA3A41308B872E7B0E6E2D8E107BC
Requests: 28 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/ga/rul?tid=G-M4V9FLFS1W&gacid=794319263.1736859545>m=45je51d0v884263850za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1034915097
Frame ID: D8CF2456999157E567C3DEC513D8B953
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Government Bids Contracts | GovDirectionsDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
24 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Member Home
Search URL Search Domain Scan URL
Title: Bid Categories
Search URL Search Domain Scan URL
Title: RFP Writing
Search URL Search Domain Scan URL
Title: Sign Up | Free Alert
Search URL Search Domain Scan URL
Title: Prices
Search URL Search Domain Scan URL
Title: Video Demonstration:
Search URL Search Domain Scan URL
Title: Wildfires, Hurricanes Milton and Helene Disaster RFPs
Search URL Search Domain Scan URL
Title: Wildfire Recovery Bids
Search URL Search Domain Scan URL
Title: Subcontracting Opps
Search URL Search Domain Scan URL
Title: Janitorial Bids
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Affiliate Program
Search URL Search Domain Scan URL
Title: Legal Info
Search URL Search Domain Scan URL
Title: Privacy Statement
Search URL Search Domain Scan URL
Title: User Agreement
Search URL Search Domain Scan URL
Title: About Us
Search URL Search Domain Scan URL
Title: State Bids Coverage
Search URL Search Domain Scan URL
Title: Frequent Questions
Search URL Search Domain Scan URL
Title: Search Government Bids by NAICS
Search URL Search Domain Scan URL
Title: State
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Schedule Demonstration
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=328C1472BC2C4CB8999DAA36669AB36D&RedC=c.clarity.ms&MXFR=1E0C0BB496AB6D9516C61EC092AB630C HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=328C1472BC2C4CB8999DAA36669AB36D&MUID=17D0788D7635609B1C7F6DF977336146
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
autodiscover.vm948.fcomet.com/ |
20 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
autodiscover.vm948.fcomet.com/css/ |
121 KB 121 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
custom.css
autodiscover.vm948.fcomet.com/css/ |
10 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
410 KB 134 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
govdirections-logo.png
autodiscover.vm948.fcomet.com/images/ |
181 KB 182 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
15853529.js
embed.acuityscheduling.com/embed/bar/ |
16 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsiveTableplugin.css
autodiscover.vm948.fcomet.com/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsiveTablePlugin.js
autodiscover.vm948.fcomet.com/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apple-app-store-badge.png
autodiscover.vm948.fcomet.com/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
google-play-badge.png
autodiscover.vm948.fcomet.com/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
autodiscover.vm948.fcomet.com/js/ |
36 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
50 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9nu9chclwz
www.clarity.ms/tag/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
glyphicons-halflings-regular.woff2
autodiscover.vm948.fcomet.com/fonts/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20265696.js
bat.bing.com/p/action/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 554 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rul
td.doubleclick.net/td/ga/ Frame D8CF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20265696
www.clarity.ms/tag/uet/ |
867 B 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.62/ |
67 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ |
94 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 287 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
b.clarity.ms/ |
0 293 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
b.clarity.ms/ |
0 293 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 443 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon_compliant96.ico
autodiscover.vm948.fcomet.com/img/ |
37 KB 37 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon_compliant96.ico
autodiscover.vm948.fcomet.com/img/ |
37 KB 37 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
b.clarity.ms/ |
0 293 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| gtag object| dataLayer object| uetq function| clarity boolean| ACUITY_MODAL_INIT function| UET function| UET_init function| UET_push object| ueto_0ddda5f26a object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery function| responsiveTable function| balanceSize object| jQuery111308483566781546348 object| jQuery111306539701247097158 object| clarityuetq15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fcomet.com/ | Name: _ga Value: GA1.1.794319263.1736859545 |
|
.fcomet.com/ | Name: _ga_M4V9FLFS1W Value: GS1.1.1736859544.1.0.1736859544.60.0.0 |
|
.fcomet.com/ | Name: _uetsid Value: 5592f4d0d27711efb6b9d5e31ab886e6 |
|
.fcomet.com/ | Name: _uetvid Value: 559316a0d27711ef929f0bb6f56316e0 |
|
.bing.com/ | Name: MUID Value: 17D0788D7635609B1C7F6DF977336146 |
|
www.clarity.ms/ | Name: CLID Value: f95fce3443734be996e8023b79d63f9b.20250114.20260114 |
|
.fcomet.com/ | Name: _clck Value: 9664hb%7C2%7Cfsk%7C0%7C1840 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.fcomet.com/ | Name: _clsk Value: 1tjklaj%7C1736859546066%7C1%7C1%7Cb.clarity.ms%2Fcollect |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 17D0788D7635609B1C7F6DF977336146 |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 17D0788D7635609B1C7F6DF977336146 |
|
.c.clarity.ms/ | Name: MR Value: 0 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
analytics.google.com
autodiscover.vm948.fcomet.com
b.clarity.ms
bat.bing.com
c.bing.com
c.clarity.ms
embed.acuityscheduling.com
stats.g.doubleclick.net
td.doubleclick.net
www.clarity.ms
www.googletagmanager.com
104.237.143.208
13.107.253.45
13.74.129.1
142.250.181.234
142.250.185.110
150.171.29.10
151.101.194.132
172.217.18.8
173.194.76.155
204.79.197.237
216.58.206.34
4.153.129.168
0b85a1c402c30865c08018c020f6d076f59bc2aee9017b3a2d5c0b39ffae66ca
1082fc3becf1ef00be177a5bf5dee7ce0ca00d8b68887f6e1cce87b7cfa21742
111fb97db2721b4a69c29d8f916cd563656a64bf2f208ce21bb68c2db1a227f7
136e85615a3b82485915802697307e307ea3acea297ad839b7fc33aff51736c6
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
3f242410ec817ccce1961fe7ca54f1d5a85001622c3d1b7cb411704376d86ed2
4b66f20646f3ee88dadb575e7ea7a4ff02fb0bf16abea1e5c58de8b5d0355d31
4d44960f68d182f47370cffe8f488af59511d735daefe70b6c1f491728bbd1d6
914aa43454aa18f56fb62f2f9a4c1a7a6ac5c3fa7a1b0cbd198232a53e606184
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1a6bca671388d703e26f58c1105e0c3e4f27f7da997e61eea791ed2ec922d4a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
c812adb3ef73a24c5cad55262a4edadff36f639c484d1b61cd51fe022345cfcd
ca2e1f1679f83e986fb6400299340f48e66c8d1b3004c5acd8667c704bb8597c
cdec96528b4c4f4d1af6ac1f5a188ff5d470b73b5b90c1d6f9e54e29ea8bf95e
d1b926f05b881f37bccc67b70656885a8925ee38bbfb0df79df02bbf82883c69
e0cda8036985cf1e78a51e93737b1d8c7c23e296387edd0d7d8d6e714d1f2c8c
e2df06c183299807ebbfd6dd3e61d2baa51a272e2f75e28cfc4d306b4c0c85a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c