Report - www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas

Report Overview

Visited public
2025-04-09 22:52:09
Tags
URL
www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas
Finishing URL
launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html
IP / ASN
216.82.192.99
#55103 THIN-NOLOGY
Title
launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html

Detections

urlquery

0

Network Intrusion Detection

1

Threat Detection Systems

0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.texasbarcle.com	276632	1997-02-28	2017-02-05	2025-04-08	565 B	596 B	216.82.192.99
docsend.com	58938	2012-07-18	2014-04-04	2025-04-07	501 B	6.2 kB	143.204.55.99
launaywjjde.us-ord-1.linodeobjects.com	unknown	2018-07-11	2025-04-08	2025-04-08	1.5 kB	1.4 kB	172.232.0.218

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-09 22:51:48	low	Client IP	143.204.55.99	ET INFO Document Sharing Site Domain Observed in TLS SNI (docsend .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (5)

	URL	IP	Response	Size
	launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html	172.232.0.218	403 Forbidden	230 B
URL User Request GET launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html IP 172.232.0.218:80 ASN #63949 Akamai Connected Cloud File type XML 1.0 document, ASCII text, with no line terminators Size 230 B (230 bytes) Hash 7b5734002fe7e0b974203f2a33c9f572 e7e1b16da98f0b5daff7510cd7cc8e434395070e 5f2d2acb5d80f75c8ede4a4e70b101e3276788ef6b687d912b07b3b3ce5b3b21 HTTP Headers `GET /lbedkaprizpfrtintysqyksnmzbkeg/index.html HTTP/1.1 Host: launaywjjde.us-ord-1.linodeobjects.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 403 Forbidden Date: Wed, 09 Apr 2025 22:51:49 GMT Content-Type: application/xml Content-Length: 230 Connection: keep-alive x-amz-request-id: tx00000811e3e47cc9ee726-0067f6fa05-d27d521f-default Accept-Ranges: bytes`

	launaywjjde.us-ord-1.linodeobjects.com/favicon.ico	172.232.0.218	403 Forbidden	230 B
URL GET launaywjjde.us-ord-1.linodeobjects.com/favicon.ico IP 172.232.0.218:80 ASN #63949 Akamai Connected Cloud Requested by http://launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html File type XML 1.0 document, ASCII text, with no line terminators Size 230 B (230 bytes) Hash 3685e8ca8527be13ee954616ed1d3f60 27c7424b58523161bb280b8b9c13199a3559f0eb 3d2f59d8616e847f52848881ccb2cda0fd5ae88247fb2c0347e7ea75833ed592 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: launaywjjde.us-ord-1.linodeobjects.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 403 Forbidden Date: Wed, 09 Apr 2025 22:51:50 GMT Content-Type: application/xml Content-Length: 230 Connection: keep-alive x-amz-request-id: tx000008ca46e754c10289f-0067f6fa06-d27c8aaa-default Accept-Ranges: bytes`

	www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas	216.82.192.99	302 Object moved	230 B
URL User Request GET www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas IP 216.82.192.99:443 ASN #55103 THIN-NOLOGY Certificate IssuerSectigo Limited Subjectwww.texasbarcle.com Fingerprint32:65:17:9B:0A:1E:D3:B7:E0:6D:6A:5E:5E:9D:60:43:FD:09:4A:80 ValidityMon, 16 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT File type Size 230 B (230 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas HTTP/1.1 Host: www.texasbarcle.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 302 Object moved Cache-Control: private Content-Length: 162 Content-Type: text/html Expires: Wed, 09 Apr 2025 22:50:48 GMT Location: https://docsend.com/view/xzzmu6iec68nekas Server: Microsoft-IIS/8.5 X-Robots-Tag: none Set-Cookie: ASPSESSIONIDSADSTRDR=KJIHDLHDLFPBILGPCMHJHJHM; path=/ X-Powered-By: ASP.NET Date: Wed, 09 Apr 2025 22:51:48 GMT`

	docsend.com/view/xzzmu6iec68nekas	143.204.55.99	302 Found	230 B
URL User Request GET docsend.com/view/xzzmu6iec68nekas IP 143.204.55.99:443 ASN #16509 AMAZON-02 Certificate IssuerDigiCert Inc Subject.docsend.com Fingerprint4F:11:A6:36:35:38:03:23:7E:63:6C:A4:BA:02:D3:CD:2B:64:42:5A ValidityMon, 08 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT File type Size 230 B (230 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /view/xzzmu6iec68nekas HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Server: Cowboy Date: Wed, 09 Apr 2025 22:51:48 GMT Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1744239108&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=HVJIifW6HBjzNxcA57f9rluXYuz8MVTxAFGpiI3mN7Q%3D"}]} Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1744239108&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=HVJIifW6HBjzNxcA57f9rluXYuz8MVTxAFGpiI3mN7Q%3D Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Via: 1.1 vegur, 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront) X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Location: https://launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html Cache-Control: no-cache Content-Security-Policy: connect-src 'self' blob: https://assets.docsend.com https://d1ng9lshxk6v9w.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://featuregates.org https://events.statsigapi.net https://browser-intake-datadoghq.com https://browser-intake-us3-datadoghq.com https://browser-intake-us5-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://events.statsigapi.net/v1/rgstr https://statsigapi.net/v1/sdk_exception https://.id.opendns.com https://www.google-analytics.com https://analytics.google.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; frame-src 'self' https://assets.docsend.com https://.previews.dropboxusercontent.com https://marketing.docsend.com https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://td.doubleclick.net https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://accounts.google.com/gsi/ https://telemetryservice.firstpartyapps.oaspapps.com https://dropboxcaptcha.com https://www.dropbox.com https://ifttt.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://assets.docsend.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://accounts.google.com/gsi/client https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com 'nonce-jqBtWRyom4mtrZ66mt8T1g=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d1ng9lshxk6v9w.cloudfront.net https://js.intercomcdn.com https://.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://assets.docsend.com https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net https://accounts.google.com/gsi/style; worker-src 'self' blob: Set-Cookie: _v_=aaRP9c%2Fd5nLBrGVffngA2lO5mNFuFcvswGG%2FHJoNc%2FhFqhc2FBLdEgqOgtXl%2FhP6WaO86Je09UIMUD4v%2B3a6ozKFLX1xO9pU%2BiOXk1VxbCvRjUyl7YRBDTA%3D--pEg9cbXVlyBiVxOW--hQqH%2FeLOFCuxwl1ATwez2A%3D%3D; domain=docsend.com; path=/; expires=Thu, 09 Apr 2026 22:51:48 GMT; SameSite=None; secure _us_=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkluWnBaWGRsWkNCa2IyTWkiLCJleHAiOm51bGwsInB1ciI6ImNvb2tpZS5fdXNfIn19--d99e89135b29409ec95f7b01021ec543a463b2ba; domain=docsend.com; path=/; expires=Sun, 09 Apr 2045 22:51:48 GMT; SameSite=None; secure _dss_=d80ff21ce18a131b50d24d2dd6628e1a; domain=docsend.com; path=/; secure; HttpOnly; SameSite=None X-Request-Id: d68dbd25-9b45-4d12-8f9f-e4708af34ed6 X-Runtime: 0.075556 Vary: Accept-Encoding, Origin Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload X-Cache: Miss from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: mYWe5BlYMptt-TKM_28BVyJQQkOw4HlGfrFs0_1I6dofuuN3lpnzxA==

	launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html	172.232.10.21	403 Forbidden	230 B
URL User Request GET launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html IP 172.232.10.21:443 ASN #63949 Akamai Connected Cloud Certificate IssuerLet's Encrypt Subjectus-ord-1.linodeobjects.com Fingerprint39:6F:9D:90:9C:7B:5E:7B:9F:59:7E:DB:E6:CD:CF:35:E9:DB:05:4A ValiditySun, 16 Mar 2025 11:08:56 GMT - Sat, 14 Jun 2025 11:08:55 GMT File type XML 1.0 document, ASCII text, with no line terminators Size 230 B (230 bytes) Hash 7949d221b297f2581b07ff1ae24f9b2b 0203df72ecf546656b8d65fb38281de2af0138be 2438ae6498fe0b9b4abb080cbdc901af926042210700d6386c9235b87bc74640 HTTP Headers GET /lbedkaprizpfrtintysqyksnmzbkeg/index.html HTTP/1.1 Host: launaywjjde.us-ord-1.linodeobjects.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 403 Forbidden Date: Wed, 09 Apr 2025 22:51:49 GMT Content-Type: application/xml Content-Length: 230 Connection: keep-alive x-amz-request-id: tx0000001d544002971eb87-0067f6fa05-d2e64175-default Accept-Ranges: bytes`