Report - www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas%23gordon.foster@slurpmail.net

Report Overview

Visited public
2025-04-10 09:57:29
Tags
URL
www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas%23gordon.foster@slurpmail.net
Finishing URL
launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html
IP / ASN
216.82.192.99
#55103 THIN-NOLOGY
Title
launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html

Detections

urlquery

0

Network Intrusion Detection

1

Threat Detection Systems

0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.texasbarcle.com	276632	1997-02-28	2017-02-05	2025-04-08	595 B	628 B	216.82.192.99
docsend.com	58938	2012-07-18	2014-04-04	2025-04-07	1.0 kB	9.5 kB	143.204.55.97
launaywjjde.us-ord-1.linodeobjects.com	unknown	2018-07-11	2025-04-08	2025-04-08	1.5 kB	1.4 kB	172.234.202.241

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-10 09:57:08	low	Client IP	143.204.55.97	ET INFO Document Sharing Site Domain Observed in TLS SNI (docsend .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (6)

	URL	IP	Response	Size
	www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas%23gordon.foster@slurpmail.net	216.82.192.99	302 Object moved	230 B
URL User Request GET www.texasbarcle.com/CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas%23gordon.foster@slurpmail.net IP 216.82.192.99:443 ASN #55103 THIN-NOLOGY Certificate IssuerSectigo Limited Subjectwww.texasbarcle.com Fingerprint32:65:17:9B:0A:1E:D3:B7:E0:6D:6A:5E:5E:9D:60:43:FD:09:4A:80 ValidityMon, 16 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT File type Size 230 B (230 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /CLE/AAGateway.asp?lRefID=33728&sURL=https://docsend.com/view/xzzmu6iec68nekas%23gordon.foster@slurpmail.net HTTP/1.1 Host: www.texasbarcle.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 302 Object moved Cache-Control: private Content-Length: 194 Content-Type: text/html Expires: Thu, 10 Apr 2025 09:56:09 GMT Location: https://docsend.com/view/xzzmu6iec68nekas%2523gordon.foster@slurpmail.net Server: Microsoft-IIS/8.5 X-Robots-Tag: none Set-Cookie: ASPSESSIONIDSADSTRDR=LKJODLHDIINLLIBMGBLNICAB; path=/ X-Powered-By: ASP.NET Date: Thu, 10 Apr 2025 09:57:09 GMT`

	docsend.com/view/xzzmu6iec68nekas%2523gordon.foster@slurpmail.net	143.204.55.97	301 Moved Permanently	230 B
URL User Request GET docsend.com/view/xzzmu6iec68nekas%2523gordon.foster@slurpmail.net IP 143.204.55.97:443 ASN #16509 AMAZON-02 Certificate IssuerDigiCert Inc Subject.docsend.com Fingerprint4F:11:A6:36:35:38:03:23:7E:63:6C:A4:BA:02:D3:CD:2B:64:42:5A ValidityMon, 08 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT File type Size 230 B (230 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /view/xzzmu6iec68nekas%2523gordon.foster@slurpmail.net HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Server: Cowboy Date: Thu, 10 Apr 2025 09:57:08 GMT Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1744279028&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=cLmNRLVAcOCjrukWtEmCe9uXWa4nt3wZ9EXezvD1lPE%3D"}]} Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1744279028&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=cLmNRLVAcOCjrukWtEmCe9uXWa4nt3wZ9EXezvD1lPE%3D Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Via: 1.1 vegur, 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) Location: https://docsend.com/view/xzzmu6iec68nekas Cache-Control: no-cache Content-Security-Policy-Report-Only: connect-src 'self' blob: https://browser-intake-datadoghq.com https://browser-intake-us3-datadoghq.com https://browser-intake-us5-datadoghq.com https://d.dropbox.com https://www.dropbox.com https://.pubnub.com https://api.sprig.com wss://nexus-websocket-a.intercom.io https://api-iam.intercom.io https://www.googletagmanager.com https://analytics.google.com https://.g.doubleclick.net https://www.google-analytics.com https://edge.fullstory.com https://rs.fullstory.com https://events.statsigapi.net https://featuregates.org; frame-src 'self' https://js.stripe.com https://checkout.stripe.com https://chat.dropbox.com https://marketing.docsend.com https://dropboxcaptcha.com https://accounts.google.com/gsi/; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://assets.docsend.com https://checkout.stripe.com https://js.stripe.com https://edge.fullstory.com https://rs.fullstory.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://scripts.kissmetrics.com https://static.filestackapi.com https://cdn.zapier.com https://zapier.com/zapbook/embed/widget.jsa https://js.intercomcdn.com https://widget.intercom.io https://maps.googleapis.com https://www.googleadservices.com https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://www.clarity.ms https://connect.facebook.net https://www.facebook.com https://ct.capterra.com https://cdn.madkudu.com https://dc.ads.linkedin.com https://api.mutinyhq.io https://a.quora.com https://accounts.google.com/gsi/client https://www.youtube.com https://www.dropbox.com https://cfl.dropboxstatic.com https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com 'nonce-CMIOzfT788Ig3AZeYgo1hw=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend X-Request-Id: cfe66a85-67ad-47e6-8f6f-19e17c80a9b7 X-Runtime: 0.008922 Strict-Transport-Security: max-age=31556952; includeSubDomains; preload Vary: Origin X-Cache: Miss from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: rclsngMsKYQvlwaTugYL7gZbpcRuAuOcugjou66KEzfhI8cxZpQC2A==

	docsend.com/view/xzzmu6iec68nekas	143.204.55.97	302 Found	230 B
URL User Request GET docsend.com/view/xzzmu6iec68nekas IP 143.204.55.97:443 ASN #16509 AMAZON-02 Certificate IssuerDigiCert Inc Subject.docsend.com Fingerprint4F:11:A6:36:35:38:03:23:7E:63:6C:A4:BA:02:D3:CD:2B:64:42:5A ValidityMon, 08 Jul 2024 00:00:00 GMT - Sun, 03 Aug 2025 23:59:59 GMT File type Size 230 B (230 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /view/xzzmu6iec68nekas HTTP/1.1 Host: docsend.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Server: Cowboy Date: Thu, 10 Apr 2025 09:57:09 GMT Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1744279029&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KF5MYJKgm7YljOuRI9srZWelNK%2Bc6Sw1p9irEtZ0Zv0%3D"}]} Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1744279029&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KF5MYJKgm7YljOuRI9srZWelNK%2Bc6Sw1p9irEtZ0Zv0%3D Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Via: 1.1 vegur, 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Location: https://launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html Cache-Control: no-cache Content-Security-Policy: connect-src 'self' blob: https://assets.docsend.com https://d1ng9lshxk6v9w.cloudfront.net https://.previews.dropboxusercontent.com//p.m3u8 https://.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://.intercomcdn.com https://uploads.intercomusercontent.com https://featuregates.org https://events.statsigapi.net https://browser-intake-datadoghq.com https://browser-intake-us3-datadoghq.com https://browser-intake-us5-datadoghq.com https://.kissmetrics.com https://.kissmetrics.io https://api.segment.io https://cdn.segment.com https://events.statsigapi.net/v1/rgstr https://statsigapi.net/v1/sdk_exception https://.id.opendns.com https://www.google-analytics.com https://analytics.google.com https://.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://.dropbox.com https://.dropboxapi.com https://.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://.pubnub.com https://docsend-prod.s3.amazonaws.com; frame-src 'self' https://assets.docsend.com https://.previews.dropboxusercontent.com https://marketing.docsend.com https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://td.doubleclick.net https://.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://accounts.google.com/gsi/ https://telemetryservice.firstpartyapps.oaspapps.com https://dropboxcaptcha.com https://www.dropbox.com https://ifttt.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://assets.docsend.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://.id.opendns.com https://www.youtube.com https://.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://.quora.com https://.bing.com https://api.autopilothq.com https://.capterra.com https://.g.doubleclick.net https://accounts.google.com/gsi/client https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com 'nonce-e2Z/kJRT0wvc5gZ+FP7pbw=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://.okta.com https://.oktapreview.com https://.jumpcloud.com https://.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d1ng9lshxk6v9w.cloudfront.net https://js.intercomcdn.com https://.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://assets.docsend.com https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net https://accounts.google.com/gsi/style; worker-src 'self' blob: Set-Cookie: _v_=KGhqD%2BxqLRT6Jz2gfkJWkpzVcOGAI7kY5u8%2FsRqPhMj%2FJLUDU9rZ05b6FqcRC6%2BtbwVT%2FHWIuZ1pb2ZaqXopVOmswPMcYuj93Gpnbxab1lBdYaZBw8v%2BpgQ%3D--VWlG%2FH5QAVOc61Nc--nobVUF4iILyPfAWzOjtPTg%3D%3D; domain=docsend.com; path=/; expires=Fri, 10 Apr 2026 09:57:09 GMT; SameSite=None; secure _us_=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkluWnBaWGRsWkNCa2IyTWkiLCJleHAiOm51bGwsInB1ciI6ImNvb2tpZS5fdXNfIn19--d99e89135b29409ec95f7b01021ec543a463b2ba; domain=docsend.com; path=/; expires=Mon, 10 Apr 2045 09:57:09 GMT; SameSite=None; secure _dss_=89a5fe633b8c306ab5790e2b8def84cf; domain=docsend.com; path=/; secure; HttpOnly; SameSite=None X-Request-Id: 5530d481-5cec-4a25-b80c-97144d75727c X-Runtime: 0.083437 Vary: Accept-Encoding, Origin Content-Encoding: gzip Strict-Transport-Security: max-age=31556952; includeSubDomains; preload X-Cache: Miss from cloudfront X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: Vf9nBx4lj3dNqoZpWdaIekrQCdq3p3vP-Jx3Tw_XMg-vlxyxhVCNtg==

	launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html	172.234.202.241	403 Forbidden	230 B
URL User Request GET launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html IP 172.234.202.241:443 ASN #63949 Akamai Connected Cloud Certificate IssuerLet's Encrypt Subjectus-ord-1.linodeobjects.com Fingerprint39:6F:9D:90:9C:7B:5E:7B:9F:59:7E:DB:E6:CD:CF:35:E9:DB:05:4A ValiditySun, 16 Mar 2025 11:08:56 GMT - Sat, 14 Jun 2025 11:08:55 GMT File type XML 1.0 document, ASCII text, with no line terminators Size 230 B (230 bytes) Hash 6ba74775cbfdad72676f3ecd38114020 b4deaec9503ea144253dff335e05d7156362cca6 9d7c6e122be196556f9d6aee8342b31f384d6f49c2783d6bce443d732d1c68fa HTTP Headers GET /lbedkaprizpfrtintysqyksnmzbkeg/index.html HTTP/1.1 Host: launaywjjde.us-ord-1.linodeobjects.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 403 Forbidden Date: Thu, 10 Apr 2025 09:57:10 GMT Content-Type: application/xml Content-Length: 230 Connection: keep-alive x-amz-request-id: tx000004ff293a9bdafc418-0067f795f6-d27d5206-default Accept-Ranges: bytes`

	launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html	172.232.0.218	403 Forbidden	230 B
URL User Request GET launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html IP 172.232.0.218:80 ASN #63949 Akamai Connected Cloud File type XML 1.0 document, ASCII text, with no line terminators Size 230 B (230 bytes) Hash 27948ef09a8e31c68f6fe4422c98478d b1ed2fc4bcf3905dfae46cabfdbf6107879a3cb4 67a04b26259c47ae9dd2ef7fcb121792db1d734f139dccec109097d17b6e67e6 HTTP Headers `GET /lbedkaprizpfrtintysqyksnmzbkeg/index.html HTTP/1.1 Host: launaywjjde.us-ord-1.linodeobjects.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 403 Forbidden Date: Thu, 10 Apr 2025 09:57:10 GMT Content-Type: application/xml Content-Length: 230 Connection: keep-alive x-amz-request-id: tx00000e4ccc03be991c085-0067f795f6-d27d521f-default Accept-Ranges: bytes`

	launaywjjde.us-ord-1.linodeobjects.com/favicon.ico	172.232.0.218	403 Forbidden	230 B
URL GET launaywjjde.us-ord-1.linodeobjects.com/favicon.ico IP 172.232.0.218:80 ASN #63949 Akamai Connected Cloud Requested by http://launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html File type XML 1.0 document, ASCII text, with no line terminators Size 230 B (230 bytes) Hash c0ed3bfbcd110b3e0947e71d918c9b13 5473cdfe71d399666d710fcdad0b86e18e19a5f6 c92eb5e2fae9cadf96a9c89a41ad230454c17a2b6ce3c8d517e9246c131e8967 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: launaywjjde.us-ord-1.linodeobjects.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://launaywjjde.us-ord-1.linodeobjects.com/lbedkaprizpfrtintysqyksnmzbkeg/index.html Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 403 Forbidden Date: Thu, 10 Apr 2025 09:57:11 GMT Content-Type: application/xml Content-Length: 230 Connection: keep-alive x-amz-request-id: tx0000061485a1325036e85-0067f795f7-d27dca95-default Accept-Ranges: bytes`