ScanMalware.com

Security Scan Report: u15272.ct.sendgrid.net

Redirected to: https://medsalau.s3.eu-north-1.amazonaws.com/restore.htm

Submitted: Oct 13, 2025, 1:48:07 PMCompleted: Oct 13, 2025, 1:50:08 PMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 3 countries across 2 domains to perform 3 HTTP transactions. The main domain is medsalau.s3.eu-north-1.amazonaws.com and was registered NaN years ago.

Submitted URL: https://u15272.ct.sendgrid.net/ls/click?upn=u001.ARMDdhcDq1K37F5ko4WOeDAlBOnNu52Ovzpq-2BFMAhWvQ2pujdad1UxexU7V354CrpoSOPXrHWDYVH7-2BESpOJGg-3D-3DrTXZ_434ysW4MlKftHtyWUY9FSVjd-2BqATjKY-2BCEaCYzerkwx9XHx7qopmRMhD4OyA-2Fux5zsF3P3h-2FFlPqGUsB8AoYmmVWbzvZk2MYw1NFV2Gh7lHahWYCCcFYFCYwmGQbC7N8dhziNJySC5zpr8Lful7BYhLQvqioy7hAluCaTQiIOH5BnKDY3dIYMt2UXbjcgb27OdapFKwRwoz2hWYE5QDYrSjNcNXjIGPoWUL38Poqp-2BQ-3D

Effective URL: https://medsalau.s3.eu-north-1.amazonaws.com/restore.htmRedirected

AI Security Verdict

Safe Website

Confidence: 95%

0
Risk Score

Redirect leads to an S3 error page; no malicious activity detected.

Safety Factors
Established initial domain (sendgrid.net) with long registration age
No credential or payment collection fields
No malicious Indicators of Compromise
Content is a standard S3 error response
Domain age information unavailable

Details

Page Title

u15272.ct.sendgrid.net

Scan Type

public

Language

🇺🇸

English

(50% confidence)

Category

healthcare medical

(49%)

Domain Information

Domain 'u15272.ct.sendgrid.net' uses the network infrastructure generic top-level domain (.net) with subdomain 'u15272.ct'. The registrable portion 'sendgrid' spans 8 characters containing 2 vowels alongside 6 consonants. It segments into two words: send, grid. Median word length comes out to four characters. 'sen' most often appears in Finnish. Secondary signals appear in English and Chinese (Pinyin).

Screenshot

Security scan screenshot of https://u15272.ct.sendgrid.net/ls/click?upn=u001.ARMDdhcDq1K37F5ko4WOeDAlBOnNu52Ovzpq-2BFMAhWvQ2pujdad1UxexU7V354CrpoSOPXrHWDYVH7-2BESpOJGg-3D-3DrTXZ_434ysW4MlKftHtyWUY9FSVjd-2BqATjKY-2BCEaCYzerkwx9XHx7qopmRMhD4OyA-2Fux5zsF3P3h-2FFlPqGUsB8AoYmmVWbzvZk2MYw1NFV2Gh7lHahWYCCcFYFCYwmGQbC7N8dhziNJySC5zpr8Lful7BYhLQvqioy7hAluCaTQiIOH5BnKDY3dIYMt2UXbjcgb27OdapFKwRwoz2hWYE5QDYrSjNcNXjIGPoWUL38Poqp-2BQ-3D

Page Load Overview

1.31s
Total Load Time
3
HTTP Requests
2
Domains
0 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:50%
Script Type:Latin
Text Length:585 chars
Detector Agreement:100%

Website Classification

Primary Category

healthcare medical49% confidence
Type: static
Method: ml+structural

All Detected Categories

healthcare medical
49%
documentation technical
43%
cryptocurrency blockchain
42%
adult content
37%
news media journalism
30%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
23.5.216.245Stockholm, Stockholm County, Sweden
AS16509AMAZON-02
13.79.169.2Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
03.5.218.226Stockholm, Stockholm County, Sweden
AS16509AMAZON-02
03.5.218.231Stockholm, Stockholm County, Sweden
AS16509AMAZON-02
063.177.157.111Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
0176.34.126.149Dublin, Leinster, Ireland
AS16509AMAZON-02
054.229.75.109Dublin, Leinster, Ireland
AS16509AMAZON-02
37--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T19B516365DA930AB5113BC4E11AFF677731EAC037D05A2225FA9C5398DFCDC40B922E05

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:8iFWN15AN427zI1czgumMANkgNKV+NZdLNIertF:8iFWN15eVM2kzMOkuKVcZdBIW7

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:3077:CAAABAAQgIYgAAQAAEBpAEgECAEQCIQICEAAAIAECYMCEAABQUhgAhiAkABAAESAKE1AEAIAAAEAAAhAIAAJQQAAIAGg0kAQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:000fffffffffffff
Perceptual Hash:8b0b0b0f0f1e7c7c
Difference Hash:f8d0000000000000
Wavelet Hash:000fcfcf0f0f0f0f
Color Hash:#7e862d

Other Hashes

Crop Resistant:f8d0000000000000

Scan History

Scan history not available

Unable to load historical scan data