www.tyingree.com Open in urlscan Pro
109.236.60.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dormdolls.com/hX8tD7Ebd.php5?LhcYC65yVtNHcLXYTZfGMQV7GsYVTMLZV59fDPBZZZ2nHt0zZ6vBtcZbngf1JDhZdDxYS8lrj7J0KVSV6...
Effective URL:
https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=32d667ed4ed34f118488edec35817409&__rpa=0&__rc=16&sub...
Submission Tags: falconsandbox
Submission: On October 20 via api (October 20th 2022, 2:48:57 am UTC) from US — Scanned from CA

Summary HTTP 1 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 109.236.60.3, located in Los Angeles, United States and belongs to DEDIPATH-LLC, US. The main domain is www.tyingree.com.
TLS certificate: Issued by R3 on August 27th 2022. Valid for: 3 months.

This is the only time www.tyingree.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.234.0.3 104.234.0.3	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
16 17	109.236.60.3 109.236.60.3	35913 (DEDIPATH-LLC) (DEDIPATH-LLC)
1	1

1 104.234.0.3 (Canada) 1 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: dormdolls.com

dormdolls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 109.236.60.3 (Los Angeles, United States) 16 redirects

ASN35913 (DEDIPATH-LLC, US)

www.tyingree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	tyingree.com 16 redirects www.tyingree.com	10 KB
1	dormdolls.com 1 redirects dormdolls.com — Cisco Umbrella Rank: 142076	317 B
1	2

	Domain	Requested by
17	www.tyingree.com	16 redirects
1	dormdolls.com	1 redirects
1	2

This site contains no links.

Subject Issuer	Validity	Valid
tyingree.com R3	`2022-08-27` - `2022-11-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=32d667ed4ed34f118488edec35817409&__rpa=0&__rc=16&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1v8S0Dw&sub3=Veg0RVkh8TkE&sub4=&sub5=&source_id=&__pcd=9
Frame ID: 60DE590FC9758847C0E5DCBF6A328BD2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	204 No Content	Primary Request / www.tyingree.com/2FS23DQ68/65K26BS/ Redirect Chain http://dormdolls.com/hX8tD7Ebd.php5?LhcYC65yVtNHcLXYTZfGMQV7GsYVTMLZV59fDPBZZZ2nHt0zZ6vBtcZbngf1JDhZdDxYS8lrj7J0KVSV694XW7Dqzgp0FML9Hdg6m46CltNkS1x7BFFfXBPRlvSMZVp5SCsv2dFPVDZ8MVskVX281hL5T3QVY2nd6... https://www.tyingree.com/2FS23DQ68/GPMNT61/?sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C%7EmvrFvpCjoO9z6UXj%7EO6KE4Dx3e1v8S0Dw&sub3=Veg0RVkh8TkE https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=7756&__ptid=6c72b787b2944d6fb69a681e3eb4eb79&__rpa=0&__rc=1&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=6148573555f344a7a9314768e1345429&__rpa=0&__rc=2&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=703cd130a9a04c85ae7c5fbb50672723&__rpa=0&__rc=3&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=8263cfb91747423593ffd01e8cf4349f&__rpa=0&__rc=4&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=cdf3144bb13f462b947f77ea9b0d903c&__rpa=0&__rc=5&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=97f16291b6dd4158ab02e6fe6633f9c0&__rpa=0&__rc=6&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=b20139d827e740cdbea0dc7d172d0dc9&__rpa=0&__rc=7&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=3d8e69272bb24fee8d0b489d1a8da779&__rpa=0&__rc=8&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=2b16decc73504fab9bd5ba49f4cfc5c6&__rpa=0&__rc=9&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=42619922461c4c7e8c7ca18794d69197&__rpa=0&__rc=10&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=2c5f5d901a304a34b6fa1acd5c447f36&__rpa=0&__rc=11&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=e1318b85560549d6a1188bb6726a2ba3&__rpa=0&__rc=12&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=6fa8e15be85a4199a3b7e2d226bb8cf9&__rpa=0&__rc=13&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=c842472a72d84284b08f1ff4f2f6a59a&__rpa=0&__rc=14&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=39ecc45d3a1c44638dc775c68d0f7b32&__rpa=0&__rc=15&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e... https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=32d667ed4ed34f118488edec35817409&__rpa=0&__rc=16&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e...	0 0	187ms 186ms	Document text/plain	109.236.60.3 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Full URL https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=32d667ed4ed34f118488edec35817409&__rpa=0&__rc=16&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1v8S0Dw&sub3=Veg0RVkh8TkE&sub4=&sub5=&source_id=&__pcd=9 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 109.236.60.3 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers date Thu, 20 Oct 2022 02:48:26 GMT server nginx vary Origin x-eflow-request-id c9f9a3b2-3ea7-408f-a8e0-c8829ebd0698 Redirect headers content-length 320 content-type text/html; charset=utf-8 date Thu, 20 Oct 2022 02:48:25 GMT location https://www.tyingree.com/2FS23DQ68/65K26BS/?__rpt=0&__po=2915&__ptid=32d667ed4ed34f118488edec35817409&__rpa=0&__rc=16&sub1=YwLRmrrqWLK6MMLGQ8OqhShvvgfvsQy3AzJGIMrA&sub2=C~mvrFvpCjoO9z6UXj~O6KE4Dx3e1v8S0Dw&sub3=Veg0RVkh8TkE&sub4=&sub5=&source_id=&__pcd=9 server nginx vary Origin x-eflow-request-id 25c08054-55a5-4620-b0ed-5fdbd0c3c0d4

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dormdolls.com
www.tyingree.com
104.234.0.3
109.236.60.3

www.tyingree.com Open in urlscan Pro 109.236.60.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

1 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

0 kBTransfer

0 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

www.tyingree.com Open in urlscan Pro
109.236.60.3 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

1 HTTP transactions
0 data transactions