sledgetentries.site Open in urlscan Pro
2a00:f940:2:2:1:1:0:169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sledgetentries.site/
Effective URL:
https://sledgetentries.site/
Submission Tags: @phish_report
Submission: On June 03 via api (June 3rd 2024, 10:18:33 pm UTC) from FI — Scanned from FI

Summary HTTP 6 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2a00:f940:2:2:1:1:0:169, located in Russian Federation and belongs to AS-REG, RU. The main domain is sledgetentries.site.
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.

This is the only time sledgetentries.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:169	197695 (AS-REG) (AS-REG)
1	2606:4700:303... 2606:4700:3037::ac43:a664	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3

2 2a00:f940:2:2:1:1:0:169 (Russian Federation)

ASN197695 (AS-REG, RU)

sledgetentries.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:a664 (United States)

ASN13335 (CLOUDFLARENET, US)

trueimages.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	sledgetentries.site sledgetentries.site	70 KB
1	trueimages.ru trueimages.ru Failed	60 KB
6	2

	Domain	Requested by
2	sledgetentries.site
1	trueimages.ru	sledgetentries.site
6	2

This site contains no links.

Subject Issuer	Validity	Valid
sledgetentries.site R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
trueimages.ru GTS CA 1P5	`2024-05-12` - `2024-08-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sledgetentries.site/
Frame ID: A2F6D8F081221CB1FCAF5AADD960D142
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Код блочного сайта

Page URL History Show full URLs

http://sledgetentries.site/ HTTP 307
https://sledgetentries.site/ Page URL

Page Statistics

6
Requests

50 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

131 kB
Transfer

375 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sledgetentries.site/ HTTP 307
https://sledgetentries.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sledgetentries.site/ Redirect Chain http://sledgetentries.site/ https://sledgetentries.site/	9 KB 3 KB	260ms 66ms	Document text/html	2a00:f940:2:2:1:1:0:169 AS-REG
General Check archive.org Show headers Download Go to Full URL https://sledgetentries.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:169 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash `f1c321c3918add35daf83e73f28bfa5608cc79c497233740f30581efc8a498bd` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers access-control-allow-origin * content-encoding gzip content-type text/html date Mon, 03 Jun 2024 22:18:27 GMT server nginx vary Accept-Encoding Redirect headers Location https://sledgetentries.site/ Non-Authoritative-Reason HttpsUpgrades
GET		9116df15.png trueimages.ru/img/cf/26/	0 0

GET		dea39f15.png trueimages.ru/img/99/91/	0 0

GET		b1718f15.png trueimages.ru/img/81/90/	0 0

GET H2	200	07a18f15.png trueimages.ru/img/0d/64/	60 KB 60 KB	152ms 56ms	Image image/png	2606:4700:3037::ac43:a664 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://trueimages.ru/img/0d/64/07a18f15.png Requested by Host: sledgetentries.site URL: https://sledgetentries.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:a664 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca9dd1013afc3a4c8f895a062d7572cc8c89728ea38c16d9ecc1353cff4e0dff` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sledgetentries.site/ Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 22:18:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5157 alt-svc h3=":443"; ma=86400 content-length 61326 last-modified Mon, 25 Oct 2021 19:40:43 GMT server cloudflare etag "6177083b-ef8e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MIvp4eyL80tzfaCGMA2w7QaQrrk3%2BBKH8kGvsr1lOi1DFNvFOApRiyPKJthU%2FC56mU6a6jMA9Nkx9NvPTS%2BaPwDPJ2wY6bbicgc7dbyRNB6Yi%2B6gr14bpLAWNHTGnlTWCrk4Mj6AgzdV%2F4%2F"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88e30f25daafbf67-WAW expires Tue, 03 Jun 2025 20:52:31 GMT
GET H2	404	favicon.ico sledgetentries.site/	307 KB 67 KB	120ms 120ms	Other text/html	2a00:f940:2:2:1:1:0:169 AS-REG
General Check archive.org Show headers Download Go to Full URL https://sledgetentries.site/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:169 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash `19da202fb1e508e44143d4f4b850b9333252b8d3177d334ae357151189bef29d` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sledgetentries.site/ Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 22:18:28 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trueimages.ru
URL: https://trueimages.ru/img/cf/26/9116df15.png

Domain: trueimages.ru
URL: https://trueimages.ru/img/99/91/dea39f15.png

Domain: trueimages.ru
URL: https://trueimages.ru/img/81/90/b1718f15.png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://sledgetentries.site/ Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/cf/26/9116df15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sledgetentries.site/ Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/99/91/dea39f15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sledgetentries.site/ Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/99/91/dea39f15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sledgetentries.site/ Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/99/91/dea39f15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sledgetentries.site/ Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/81/90/b1718f15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sledgetentries.site/ Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/0d/64/07a18f15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sledgetentries.site/(Line 174) Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/cf/26/9116df15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sledgetentries.site/(Line 174) Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/99/91/dea39f15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sledgetentries.site/(Line 174) Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/99/91/dea39f15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sledgetentries.site/(Line 174) Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/99/91/dea39f15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sledgetentries.site/(Line 174) Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/81/90/b1718f15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sledgetentries.site/(Line 174) Message: Mixed Content: The page at 'https://sledgetentries.site/' was loaded over HTTPS, but requested an insecure element 'http://trueimages.ru/img/0d/64/07a18f15.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://sledgetentries.site/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sledgetentries.site
trueimages.ru
trueimages.ru
2606:4700:3037::ac43:a664
2a00:f940:2:2:1:1:0:169
19da202fb1e508e44143d4f4b850b9333252b8d3177d334ae357151189bef29d
ca9dd1013afc3a4c8f895a062d7572cc8c89728ea38c16d9ecc1353cff4e0dff
f1c321c3918add35daf83e73f28bfa5608cc79c497233740f30581efc8a498bd

sledgetentries.site Open in urlscan Pro 2a00:f940:2:2:1:1:0:169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

50 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

131 kBTransfer

375 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

13 Console Messages

Indicators

sledgetentries.site Open in urlscan Pro
2a00:f940:2:2:1:1:0:169 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

50 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

131 kB
Transfer

375 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions