Report - www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas%23mackenzie.leatherman@slurpmail.net

Report Overview

Visited public
2025-04-10 12:12:17
Tags
URL
www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas%23mackenzie.leatherman@slurpmail.net
Finishing URL
launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html
IP / ASN
216.82.192.99
#55103 THIN-NOLOGY
Title
launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html

Detections

urlquery

0

Network Intrusion Detection

1

Threat Detection Systems

0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
launaywjjde.us-ord-1.linodeobjects.com	unknown	2018-07-11	2025-04-08	2025-04-08	1.5 kB	1.4 kB	172.232.10.25
www.texasbarcle.com	276632	1997-02-28	2017-02-05	2025-04-08	602 B	635 B	216.82.192.99
docsend.com	58938	2012-07-18	2014-04-04	2025-04-07	1.0 kB	9.5 kB	143.204.55.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-10 12:11:55	low	Client IP	143.204.55.97	ET INFO Document Sharing Site Domain Observed in TLS SNI (docsend .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (6)

	URL	IP	Response	Size
	launaywjjde.us-ord-1.linodeobjects.com/favicon.ico	172.232.10.25	403 Forbidden	230 B
URL GET launaywjjde.us-ord-1.linodeobjects.com/favicon.ico IP 172.232.10.25:80 ASN #63949 Akamai Connected Cloud Requested by http://launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html File type XML 1.0 document, ASCII text, with no line terminators Size 230 B (230 bytes) Hash 196f70993b5e09842df2fbbf60833fc6 9572a9da470122097843005721deddd1dbeb1b01 6be5d4bf758910bd7ca68b805e10564aa4e96bc52ee9be6e275286c1fb757aba HTTP Headers `GET /favicon.ico HTTP/1.1 Host: launaywjjde.us-ord-1.linodeobjects.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 403 Forbidden Date: Thu, 10 Apr 2025 12:11:57 GMT Content-Type: application/xml Content-Length: 230 Connection: keep-alive x-amz-request-id: tx00000f49bfbe286ff8403-0067f7b58d-d27cabf0-default Accept-Ranges: bytes`

	www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas%23mackenzie.leatherman@slurpmail.net	216.82.192.99	302 Object moved	230 B
URL User Request GET www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas%23mackenzie.leatherman@slurpmail.net IP 216.82.192.99:443 ASN #55103 THIN-NOLOGY Certificate IssuerSectigo Limited Subjectwww.texasbarcle.com Fingerprint32:65:17:9B:0A:1E:D3:B7:E0:6D:6A:5E:5E:9D:60:43:FD:09:4A:80 ValidityMon, 16 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT File type Size 230 B (230 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas%23mackenzie.leatherman@slurpmail.net HTTP/1.1 Host: www.texasbarcle.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 302 Object moved Cache-Control: private Content-Length: 201 Content-Type: text/html Expires: Thu, 10 Apr 2025 12:10:57 GMT Location: https://docsend.com/view/xzzmu6iec68nekas%2523mackenzie.leatherman@slurpmail.net Server: Microsoft-IIS/8.5 X-Robots-Tag: none Set-Cookie: ASPSESSIONIDSADSTRDR=MPEPDLHDDDHEMMIHOHJHCOKN; path=/ X-Powered-By: ASP.NET Date: Thu, 10 Apr 2025 12:11:56 GMT`

	docsend.com/view/xzzmu6iec68nekas%2523mackenzie.leatherman@slurpmail.net	143.204.55.97	301 Moved Permanently	230 B
URL User Request GET docsend.com/view/xzzmu6iec68nekas%2523mackenzie.leatherman@slurpmail.net IP 143.204.55.97:443 ASN #16509 AMAZON-02 Certificate IssuerDigiCert Inc Subject.docsend.com Fingerprint4F:11:A6:36:35:38:03:23:7E:63:6C:A4:BA:02:D3:CD:2B:64:42:5A ValidityMon, 08 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT File type Size 230 B (230 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /view/xzzmu6iec68nekas%2523mackenzie.leatherman@slurpmail.net HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Server: Cowboy Date: Thu, 10 Apr 2025 12:11:55 GMT Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1744287116&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=TSi7e8ID4U0XErzS7Yiw1JbL0k9QmmUKKGrHguO%2FALE%3D"}]} Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1744287116&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=TSi7e8ID4U0XErzS7Yiw1JbL0k9QmmUKKGrHguO%2FALE%3D Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Via: 1.1 vegur, 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront) Location: https://docsend.com/view/xzzmu6iec68nekas Cache-Control: no-cache Content-Security-Policy-Report-Only: connect-src 'self' blob: https://browser-intake-datadoghq.com https://browser-intake-us3-datadoghq.com https://browser-intake-us5-datadoghq.com https://d.dropbox.com https://www.dropbox.com https://.pubnub.com https://api.sprig.com wss://nexus-websocket-a.intercom.io https://api-iam.intercom.io https://www.googletagmanager.com https://analytics.google.com https://.g.doubleclick.net https://www.google-analytics.com https://edge.fullstory.com https://rs.fullstory.com https://events.statsigapi.net https://featuregates.org; frame-src 'self' https://js.stripe.com https://checkout.stripe.com https://chat.dropbox.com https://marketing.docsend.com https://dropboxcaptcha.com https://accounts.google.com/gsi/; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://assets.docsend.com https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://accounts.google.com/gsi/client https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com 'nonce-5ajm7+Ma6hzIUKk2KIF0XA=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend X-Request-Id: e37c69e9-2304-4091-a3ac-84526c96b635 X-Runtime: 0.002936 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Vary: Origin X-Cache: Miss from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: ZcPC0tKk4EQb6jTLgj5DTb5phnN-9iYyoEVUZptE5JttWpVGypqC-A==

	docsend.com/view/xzzmu6iec68nekas	143.204.55.97	302 Found	230 B
URL User Request GET docsend.com/view/xzzmu6iec68nekas IP 143.204.55.97:443 ASN #16509 AMAZON-02 Certificate IssuerDigiCert Inc Subject.docsend.com Fingerprint4F:11:A6:36:35:38:03:23:7E:63:6C:A4:BA:02:D3:CD:2B:64:42:5A ValidityMon, 08 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT File type Size 230 B (230 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /view/xzzmu6iec68nekas HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Server: Cowboy Date: Thu, 10 Apr 2025 12:11:55 GMT Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1744287116&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=TSi7e8ID4U0XErzS7Yiw1JbL0k9QmmUKKGrHguO%2FALE%3D"}]} Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1744287116&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=TSi7e8ID4U0XErzS7Yiw1JbL0k9QmmUKKGrHguO%2FALE%3D Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Via: 1.1 vegur, 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront) X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Location: https://launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html Cache-Control: no-cache Content-Security-Policy: connect-src 'self' blob: https://assets.docsend.com https://d1ng9lshxk6v9w.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://featuregates.org https://events.statsigapi.net https://browser-intake-datadoghq.com https://browser-intake-us3-datadoghq.com https://browser-intake-us5-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://events.statsigapi.net/v1/rgstr https://statsigapi.net/v1/sdk_exception https://.id.opendns.com https://www.google-analytics.com https://analytics.google.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; frame-src 'self' https://assets.docsend.com https://.previews.dropboxusercontent.com https://marketing.docsend.com https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://td.doubleclick.net https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://accounts.google.com/gsi/ https://telemetryservice.firstpartyapps.oaspapps.com https://dropboxcaptcha.com https://www.dropbox.com https://ifttt.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://assets.docsend.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://accounts.google.com/gsi/client https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com 'nonce-ABGNr8PBmm2/RQzduuVE5w=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d1ng9lshxk6v9w.cloudfront.net https://js.intercomcdn.com https://.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://assets.docsend.com https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net https://accounts.google.com/gsi/style; worker-src 'self' blob: Set-Cookie: _v_=rmnKZr1K3Brbj0r8mtN1DsoDF%2BeeTiDiq11hl9ZfuxSHrYZonzPiN3ewmyJoH7GxRVDOBqwTFaa%2F8JkxjT3L4ICUcJtJyrYkXBMGnWqLIzsq%2FBnKC0MHgHI%3D--uU7RR9DEJAjoZ2lT--ntJuteFwDpsSQlGU9HpyEA%3D%3D; domain=docsend.com; path=/; expires=Fri, 10 Apr 2026 12:11:56 GMT; SameSite=None; secure _us_=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkluWnBaWGRsWkNCa2IyTWkiLCJleHAiOm51bGwsInB1ciI6ImNvb2tpZS5fdXNfIn19--d99e89135b29409ec95f7b01021ec543a463b2ba; domain=docsend.com; path=/; expires=Mon, 10 Apr 2045 12:11:56 GMT; SameSite=None; secure _dss_=7d351f4e1a3cecf34c4436a0ccf4391f; domain=docsend.com; path=/; secure; HttpOnly; SameSite=None X-Request-Id: 1da414c6-5417-4a26-9394-c834a5d63ff6 X-Runtime: 0.079634 Vary: Accept-Encoding, Origin Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload X-Cache: Miss from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: VthPzCvqxXCM3_BxRpzlUQVc7Tq3Sf9eo-_ZEScuJ1ZL9cGMh2KQhA==

	launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html	172.234.202.136	403 Forbidden	230 B
URL User Request GET launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html IP 172.234.202.136:443 ASN #63949 Akamai Connected Cloud Certificate IssuerLet's Encrypt Subjectus-ord-1.linodeobjects.com Fingerprint39:6F:9D:90:9C:7B:5E:7B:9F:59:7E:DB:E6:CD:CF:35:E9:DB:05:4A ValiditySun, 16 Mar 2025 11:08:56 GMT - Sat, 14 Jun 2025 11:08:55 GMT File type XML 1.0 document, ASCII text, with no line terminators Size 230 B (230 bytes) Hash b60457ada13ba06fc2d801f6a91b81ad 5c5cd6cd219c025a0cf41d061c7402808a6a5c52 b34457fb90c62ff39f290cd06cba9e7ad5319a85887c45ca429ee97c2f690287 HTTP Headers GET /lbedkaprizpfrtintysqyksnmzbkeg/index.html HTTP/1.1 Host: launaywjjde.us-ord-1.linodeobjects.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 403 Forbidden Date: Thu, 10 Apr 2025 12:11:57 GMT Content-Type: application/xml Content-Length: 230 Connection: keep-alive x-amz-request-id: tx000006233a44c50020ef0-0067f7b58c-d48a6276-default Accept-Ranges: bytes`

	launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html	172.232.10.25	403 Forbidden	230 B
URL User Request GET launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html IP 172.232.10.25:80 ASN #63949 Akamai Connected Cloud File type XML 1.0 document, ASCII text, with no line terminators Size 230 B (230 bytes) Hash acc719a49dfd28ab88901b4e7485432f 9fdd0843906af1d306202822ea3727ca15117f1d edc53f7833fb776d29b890c315dced8dea7de64bd2c6600693572bd11a2e2846 HTTP Headers `GET /lbedkaprizpfrtintysqyksnmzbkeg/index.html HTTP/1.1 Host: launaywjjde.us-ord-1.linodeobjects.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 403 Forbidden Date: Thu, 10 Apr 2025 12:11:57 GMT Content-Type: application/xml Content-Length: 230 Connection: keep-alive x-amz-request-id: tx00000b367a8ee676ba5a7-0067f7b58d-d27d521f-default Accept-Ranges: bytes`