The metadata that is stored on all requests will show Geo locations. All Geo locations are an approximation based on the IP address.
A recipient could upload or download information from a mobile device, and that Geo location will ping from local cell towers, giving an approximate location based on that IP address.
Suppose you are viewing a PUSH or PULL timeline to see request details for a recipient that you know lives in NY, and you notice that the timeline shows multiple “email clicks” took place in New York, France, and Colorado, but the NY location downloaded the file. There are a few possibilities here.
1 - The receiver is using an email vendor that is routing things locally (NY) and/or abroad (France), possibly a French-based company they are associated with or work for, and they have a “scrubbing” layer within the company or email vendor that is checking the link to make sure it's not malicious. FYI - You may continue to see similar patterns when sending to business email accounts.
2 - The receiver's email has been compromised. The most important thing to note is that this is not a Botdoc compromise or issue; it is related to the receiver's email.
You may want to reach out to the receiver and have them inquire about the possibilities mentioned above. We are confident that your customer will be appreciative of your excellent cyber security hygiene.
You always have the option to TERMINATE a PUSH request before a file is downloaded or, if the file is downloaded, after making sure that the intended recipient was the one who downloaded the file.
Note: the GEO location data should be used as a data point, not as an absolute.
UPDATE as of July 2021
Some users notice that when sending a PUSH to a gmail.com email address, the Botdoc timeline shows 2 downloads even though the only download is from the intended recipient.
We are aware that Gmail has recently (as of June 2021) made some changes on their platform when it comes to “protecting” their links, but it’s a bit vague and they are testing this in only certain locations. You can see their support ticket info here: Click-time link protections in third-party email clients - Gmail Help. You can also see the FAQ on this same link for more details.
We did our own testing as well on Gmail accounts, and it's also producing 2 downloads in certain locations (even though the only true download was from the recipient), and we are pretty sure it's Google's antivirus downloading the files to protect against the behavior they are testing.
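The review described above (clicks from several locations, and a timeline that shows more than one download) can be run as a simple triage over timeline events. This is an added example, not Botdoc code: the event records, field names, and finding codes are assumptions made for illustration, and the sample data is constructed.

```python
# Constructed sample timelines. The "event"/"region" field names and the
# event labels are assumptions for illustration, not Botdoc's export format.
SAMPLE_NY = [
    {"event": "email_click", "region": "New York"},
    {"event": "email_click", "region": "France"},
    {"event": "email_click", "region": "Colorado"},
    {"event": "download", "region": "New York"},
]
SAMPLE_GMAIL = [
    {"event": "download", "region": "New York"},
    {"event": "download", "region": "California"},  # constructed second download
]


def triage(timeline, expected_region):
    """Return (code, note) findings for one request's timeline.

    Geo location is approximate, so every finding is a prompt to check
    with the recipient, not proof of who acted.
    """
    clicks = {e["region"] for e in timeline if e["event"] == "email_click"}
    downloads = [e["region"] for e in timeline if e["event"] == "download"]
    findings = []

    # Clicks from elsewhere: a mail vendor scanning the link, or a
    # compromised mailbox. Both are on the recipient's side.
    other_clicks = sorted(clicks - {expected_region})
    if other_clicks:
        note = "clicks from " + ", ".join(other_clicks)
        note += ": link scanning or a compromised mailbox"
        if not downloads:
            note += "; the request can still be terminated before any download"
        findings.append(("CLICK_OTHER_REGION", note))

    # A download from elsewhere deserves a direct check with the recipient.
    other_downloads = sorted(set(downloads) - {expected_region})
    if other_downloads:
        note = "download from " + ", ".join(other_downloads)
        findings.append(("DOWNLOAD_OTHER_REGION", note + ": confirm with the recipient"))

    # More than one download may include an automated scan by the mail provider.
    if len(downloads) > 1:
        note = f"{len(downloads)} downloads: may include an automated scan"
        findings.append(("MULTIPLE_DOWNLOADS", note))
    return findings


if __name__ == "__main__":
    for code, note in triage(SAMPLE_NY, "New York"):
        print(code, "-", note)
```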