api.azure.integrations.sendgrid.net

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 3 HTTP transactions. The main IP is 34.232.169.119, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is api.azure.integrations.sendgrid.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on August 16th 2023. Valid for: a year.

This is the only time api.azure.integrations.sendgrid.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sendgrid (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::6815:39d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.232.169.119 34.232.169.119	14618 (AMAZON-AES) (AMAZON-AES)
3	2

1 2606:4700:3030::6815:39d8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sendgrid.bsq.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.169.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-169-119.compute-1.amazonaws.com

api.azure.integrations.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	sendgrid.net api.azure.integrations.sendgrid.net	9 KB
1	bsq.link 1 redirects sendgrid.bsq.link	677 B
0	sendgrid.com Failed sendgrid.com Failed
3	3

	Domain	Requested by
1	api.azure.integrations.sendgrid.net
1	sendgrid.bsq.link	1 redirects
0	sendgrid.com Failed	api.azure.integrations.sendgrid.net
3	3

This site contains no links.

Subject Issuer	Validity	Valid
azure.integrations.sendgrid.net Amazon RSA 2048 M01	`2023-08-16` - `2024-09-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://api.azure.integrations.sendgrid.net/v1/landing?token=y8dQMT7ijsx7FlBuxYJzmC0AuDdh5Wx8pgUy%2Fr2h%2B1EZfj%2FapIPb03PIuV6g0fi1XbvRFmLSkynQOVlPEgXUF7Xdlrg%2B%2FBhquLmrwfHI%2FvzAnTJt2EcxNObJeJknqmIcNcbVx656DC%2FXQ143F1v1Ugk%2BjFupaKCxwte9ri%2FEeeQGdAJu6PaR3pFWp02wz9w1
Frame ID: 5716F408C0273C5626AA4AD130DECA9E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Twilio SendGrid :: Signup Error

Page URL History Show full URLs

https://sendgrid.bsq.link/ HTTP 301
https://api.azure.integrations.sendgrid.net/v1/landing?token=y8dQMT7ijsx7FlBuxYJzmC0AuDdh5Wx8pgUy%2Fr2h%2B1EZfj%2FapIPb0... Page URL

Page Statistics

3
Requests

33 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

9 kB
Transfer

12 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sendgrid.bsq.link/ HTTP 301
https://api.azure.integrations.sendgrid.net/v1/landing?token=y8dQMT7ijsx7FlBuxYJzmC0AuDdh5Wx8pgUy%2Fr2h%2B1EZfj%2FapIPb03PIuV6g0fi1XbvRFmLSkynQOVlPEgXUF7Xdlrg%2B%2FBhquLmrwfHI%2FvzAnTJt2EcxNObJeJknqmIcNcbVx656DC%2FXQ143F1v1Ugk%2BjFupaKCxwte9ri%2FEeeQGdAJu6PaR3pFWp02wz9w1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	500	Primary Request landing Show response api.azure.integrations.sendgrid.net/v1/ Redirect Chain https://sendgrid.bsq.link/ https://api.azure.integrations.sendgrid.net/v1/landing?token=y8dQMT7ijsx7FlBuxYJzmC0AuDdh5Wx8pgUy%2Fr2h%2B1EZfj%2FapIPb03PIuV6g0fi1XbvRFmLSkynQOVlPEgXUF7Xdlrg%2B%2FBhquLmrwfHI%2FvzAnTJt2EcxNObJeJkn...	9 KB 9 KB	567ms 314ms	Document text/html	34.232.169.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.azure.integrations.sendgrid.net/v1/landing?token=y8dQMT7ijsx7FlBuxYJzmC0AuDdh5Wx8pgUy%2Fr2h%2B1EZfj%2FapIPb03PIuV6g0fi1XbvRFmLSkynQOVlPEgXUF7Xdlrg%2B%2FBhquLmrwfHI%2FvzAnTJt2EcxNObJeJknqmIcNcbVx656DC%2FXQ143F1v1Ugk%2BjFupaKCxwte9ri%2FEeeQGdAJu6PaR3pFWp02wz9w1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.232.169.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-169-119.compute-1.amazonaws.com Software / Resource Hash `0de94ff9f22bd27318fd8bc13473622838d198766d92643e5b8d8dacd512ae2b` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-length 8733 content-type text/html; charset=UTF-8 date Fri, 07 Jun 2024 15:28:49 GMT x-amz-apigw-id ZAMPtF4IoAMENQQ= x-amzn-requestid a95dfd40-5843-416d-b849-687d7bc73cd3 x-amzn-trace-id Root=1-66632731-539ba431383f9ba66ff6aa64;Parent=0c7c3f2234ec0e9d;Sampled=0;lineage=57d0b546:0 Redirect headers cache-control max-age=3600 cf-ray 8901ac9028f61c1e-FRA content-length 167 content-type text/html date Fri, 07 Jun 2024 15:28:48 GMT expires Fri, 07 Jun 2024 16:28:48 GMT location https://api.azure.integrations.sendgrid.net/v1/landing?token=y8dQMT7ijsx7FlBuxYJzmC0AuDdh5Wx8pgUy%2Fr2h%2B1EZfj%2FapIPb03PIuV6g0fi1XbvRFmLSkynQOVlPEgXUF7Xdlrg%2B%2FBhquLmrwfHI%2FvzAnTJt2EcxNObJeJknqmIcNcbVx656DC%2FXQ143F1v1Ugk%2BjFupaKCxwte9ri%2FEeeQGdAJu6PaR3pFWp02wz9w1 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TWYU8R1mlKStYLxp6zlkRs0HAVL8IziqwHfY0Y133NoYdgp7yQbrvs9ODZ7pOAnwSviQ4xzwjlcdv%2FgzX2bzF1Xo413EowN3fjmBYKhF%2B0mlaFN9PTf%2BKGsSncMWvLcr3Q50JIk0wvEfINBJxdwErw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET DATA	200 OK	truncated /	4 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `929e88471afd8a6882e29779d1f4175111d92b6180baa86265db6bb90c9f18cd` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET		ColfaxWebMedium.woff2 sendgrid.com/wp-content/themes/sgdotcom/assets/fonts/colfax/	0 0

GET		ColfaxRegular.woff2 sendgrid.com/wp-content/themes/sgdotcom/assets/fonts/colfax/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sendgrid.com
URL: https://sendgrid.com/wp-content/themes/sgdotcom/assets/fonts/colfax/ColfaxWebMedium.woff2

Domain: sendgrid.com
URL: https://sendgrid.com/wp-content/themes/sgdotcom/assets/fonts/colfax/ColfaxRegular.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sendgrid (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.azure.integrations.sendgrid.net/v1/landing?token=y8dQMT7ijsx7FlBuxYJzmC0AuDdh5Wx8pgUy%2Fr2h%2B1EZfj%2FapIPb03PIuV6g0fi1XbvRFmLSkynQOVlPEgXUF7Xdlrg%2B%2FBhquLmrwfHI%2FvzAnTJt2EcxNObJeJknqmIcNcbVx656DC%2FXQ143F1v1Ugk%2BjFupaKCxwte9ri%2FEeeQGdAJu6PaR3pFWp02wz9w1 Message: Failed to load resource: the server responded with a status of 500 ()
javascript	error	URL: https://api.azure.integrations.sendgrid.net/v1/landing?token=y8dQMT7ijsx7FlBuxYJzmC0AuDdh5Wx8pgUy%2Fr2h%2B1EZfj%2FapIPb03PIuV6g0fi1XbvRFmLSkynQOVlPEgXUF7Xdlrg%2B%2FBhquLmrwfHI%2FvzAnTJt2EcxNObJeJknqmIcNcbVx656DC%2FXQ143F1v1Ugk%2BjFupaKCxwte9ri%2FEeeQGdAJu6PaR3pFWp02wz9w1 Message: Access to font at 'https://sendgrid.com/wp-content/themes/sgdotcom/assets/fonts/colfax/ColfaxRegular.woff2' from origin 'https://api.azure.integrations.sendgrid.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://sendgrid.com/wp-content/themes/sgdotcom/assets/fonts/colfax/ColfaxRegular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://api.azure.integrations.sendgrid.net/v1/landing?token=y8dQMT7ijsx7FlBuxYJzmC0AuDdh5Wx8pgUy%2Fr2h%2B1EZfj%2FapIPb03PIuV6g0fi1XbvRFmLSkynQOVlPEgXUF7Xdlrg%2B%2FBhquLmrwfHI%2FvzAnTJt2EcxNObJeJknqmIcNcbVx656DC%2FXQ143F1v1Ugk%2BjFupaKCxwte9ri%2FEeeQGdAJu6PaR3pFWp02wz9w1 Message: Access to font at 'https://sendgrid.com/wp-content/themes/sgdotcom/assets/fonts/colfax/ColfaxWebMedium.woff2' from origin 'https://api.azure.integrations.sendgrid.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://sendgrid.com/wp-content/themes/sgdotcom/assets/fonts/colfax/ColfaxWebMedium.woff2 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.azure.integrations.sendgrid.net
sendgrid.bsq.link
sendgrid.com
sendgrid.com
2606:4700:3030::6815:39d8
34.232.169.119
0de94ff9f22bd27318fd8bc13473622838d198766d92643e5b8d8dacd512ae2b
929e88471afd8a6882e29779d1f4175111d92b6180baa86265db6bb90c9f18cd

api.azure.integrations.sendgrid.net Open in urlscan Pro 34.232.169.119 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

3 Requests

33 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

9 kBTransfer

12 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

api.azure.integrations.sendgrid.net Open in urlscan Pro
34.232.169.119 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

9 kB
Transfer

12 kB
Size

0
Cookies

3 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!