s7.addthis.com
23.210.248.44  Public Scan Open in urlscan Pro

Internal
urlscan.io (IP) urlscan.io (Domain)
Effective Hostname
VirusTotal SecurityTrails crt.sh
Submitted URL
Google Safe Browsing Archive.org
Effective URL Pivot
Google Safe Browsing Archive.org
Effective IP
VirusTotal SecurityTrails Domaintools Censys
Go To Rescan
Add Verdict Report
Submitted URL:
https://dashboard.addthis.com/darkseid/slack-oauth/auth?shareURL 9yr old
Effective URL:
https://s7.addthis.com/static/slack.html 10yr old
Submission Tags: falconsandbox
Submission: On February 05 via api (February 5th 2021, 8:10:15 pm UTC) from US
Summary HTTP 3 Redirects  Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 3 HTTP transactions. The main IP is 23.210.248.44, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is s7.addthis.com. 10yr old
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 10th 2021. Valid for: 3mo.
This is the only time s7.addthis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 129.146.196.240 129.146.196.240 31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 3 23.210.248.44 23.210.248.44 16625 (AKAMAI-AS) (AKAMAI-AS)
3 2
Apex Domain
Subdomains		 Transfer
5 addthis.com 2 redirects
dashboard.addthis.com 9yr old
s7.addthis.com 10yr old
32 KB
3 1
Domain Requested by
3 s7.addthis.com 1 redirects s7.addthis.com
2 dashboard.addthis.com 1 redirects s7.addthis.com
3 2

This site contains no links.

Subject Issuer Validity Valid
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2021-04-07		 3mo crt.sh
*.addthis.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-01 -
2022-02-09		 1yr crt.sh

This page contains 1 frames:

Primary Page: https://s7.addthis.com/static/slack.html
Frame ID: EC79498DE689479BD6359F17167BC1F6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://dashboard.addthis.com/darkseid/slack-oauth/auth?shareURL HTTP 303
    http://s7.addthis.com/static/slack.html?error=share_url_missing HTTP 308
    https://s7.addthis.com/static/slack.html Page URL

Detected technologies

(Web servers)
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

31 kB
Transfer

69 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dashboard.addthis.com/darkseid/slack-oauth/auth?shareURL HTTP 303
    http://s7.addthis.com/static/slack.html?error=share_url_missing HTTP 308
    https://s7.addthis.com/static/slack.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol		 Status Resource
Path		 Size
x-fer		 Time
Latency		 Type
MIME-Type		 IP
Location
GET
H2 		200
 Primary Request slack.html Show response
s7.addthis.com/static/
Redirect Chain
  • https://dashboard.addthis.com/darkseid/slack-oauth/auth?shareURL
  • http://s7.addthis.com/static/slack.html?error=share_url_missing
  • https://s7.addthis.com/static/slack.html
60 KB
21 KB 		410ms
361ms 		Document
text/html		 23.210.248.44
AKAMAI-AS
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/slack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
8a3d7132af9b51ea2b9096db64272f615c4f5956d2d93613223f6714681bdad5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/slack.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-f021"
cache-tag
client_dist_ndc
surrogate-key
client_dist_ndc
timing-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
21520
date
Fri, 05 Feb 2021 20:10:16 GMT
vary
Accept-Encoding
x-host
s7.addthis.com

Redirect headers

Server
nginx/1.15.8
Content-Type
text/html
Content-Length
171
Location
https://s7.addthis.com/static/slack.html
Date
Fri, 05 Feb 2021 20:10:16 GMT
Connection
keep-alive
X-Host
s7.addthis.com
GET
H2 		404
 channels Show response
dashboard.addthis.com/darkseid/slack-oauth/ 		313 B
517 B 		146ms
146ms 		XHR
text/html		 129.146.196.240
ORACLE-BMC-31898
General
Check archive.org
Download Go to
Full URL
https://dashboard.addthis.com/darkseid/slack-oauth/channels
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/static/slack.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
129.146.196.240 , United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
ac7ceed807cc6ee4e413959a8d34cbe010870a7ca109bb5b98fb0b53e5bc7273
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://s7.addthis.com/static/slack.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 20:10:16 GMT
content-encoding
gzip
server
nginx/1.15.8
vary
Accept-Encoding
content-type
text/html; charset=ISO-8859-1
access-control-allow-origin
https://s7.addthis.com
cache-control
must-revalidate,no-cache,no-store
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
GET
H2 		200
 a5384b10536bb2df6ba85c76ee9bd2ee.gif
s7.addthis.com/static/ 		9 KB
9 KB 		74ms
74ms 		Image
image/gif		 23.210.248.44
AKAMAI-AS
General
Check archive.org
Download Go to Show image
Full URL
https://s7.addthis.com/static/a5384b10536bb2df6ba85c76ee9bd2ee.gif
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/static/slack.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
f2bbd108cf967460390eb77e8fbe0aeb4014abd58635440bf09be27785445e15
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://s7.addthis.com/static/slack.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-2425"
content-type
image/gif
cache-control
public, max-age=86313600
date
Fri, 05 Feb 2021 20:10:16 GMT
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-length
9253

Verdicts & Comments Add Verdict or Comment

9 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dashboard.addthis.com
s7.addthis.com
129.146.196.240
23.210.248.44
8a3d7132af9b51ea2b9096db64272f615c4f5956d2d93613223f6714681bdad5
ac7ceed807cc6ee4e413959a8d34cbe010870a7ca109bb5b98fb0b53e5bc7273
f2bbd108cf967460390eb77e8fbe0aeb4014abd58635440bf09be27785445e15