urlscan.io logo urlscan.io
SecurityTrails logo

go.turnitin.com Open in urlscan Pro
18.208.125.13  Public Scan

Go To Rescan Add Verdict Report
URL: https://go.turnitin.com/turnitin-and-gdpr
Submission: On January 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 18.208.125.13, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is go.turnitin.com.
TLS certificate: Issued by R3 on December 12th 2022. Valid for: 3 months.
This is the only time go.turnitin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com
go.turnitin.com
pi.pardot.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com
go.pardot.com
2    2600:9000:211a:7800:d:7e9b:1200:93a1 (United States)

ASN16509 (AMAZON-02, US)
storage.pardot.com
5    104.111.216.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-120.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
1    2a00:1450:400d:802::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.203.125.127 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-127.deploy.static.akamaitechnologies.com
z.moatads.com
Apex Domain
Subdomains		 Transfer
5 pardot.com
go.pardot.com — Cisco Umbrella Rank: 24705
storage.pardot.com — Cisco Umbrella Rank: 31356
pi.pardot.com — Cisco Umbrella Rank: 7753
376 KB
4 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2297
m.addthis.com — Cisco Umbrella Rank: 2348
217 KB
3 gstatic.com
fonts.gstatic.com
49 KB
3 turnitin.com
go.turnitin.com
10 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 520
fonts.googleapis.com — Cisco Umbrella Rank: 127
96 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 2761
521 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 642
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
101 KB
19 8
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
3 s7.addthis.com go.turnitin.com
s7.addthis.com
3 go.turnitin.com 1 redirects pi.pardot.com
2 pi.pardot.com go.turnitin.com
pi.pardot.com
2 storage.pardot.com go.turnitin.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 www.googletagmanager.com go.turnitin.com
1 go.pardot.com 1 redirects
1 fonts.googleapis.com go.turnitin.com
1 ajax.googleapis.com go.turnitin.com
19 12

This site contains links to these domains. Also see Links.

Domain
turnitin.com
guides.turnitin.com
Subject Issuer Validity Valid
go.turnitin.com
R3		 2022-12-12 -
2023-03-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-13 -
2023-09-12		 a year crt.sh

This page contains 3 frames:

Primary Page: https://go.turnitin.com/turnitin-and-gdpr
Frame ID: 9880D0F8AD9FB1D5C047E484AFF20B11
Requests: 17 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 67CC90D21F4EBEC09C44DB58799EA58E
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CC2E5E894594459EBACE89BF8FCBC1F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

84 %
HTTPS

56 %
IPv6

8
Domains

12
Subdomains

9
IPs

4
Countries

848 kB
Transfer

1643 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://go.pardot.com/l/45292/2014-05-16/k8h/45292/1932/turnitin_logo.jpg HTTP 302
  • https://storage.pardot.com/45292/1614291050Zvivrhel/turnitin_logo.svg
Request Chain 7
  • https://go.turnitin.com/l/45292/2018-04-20/bg43tp/45292/149564/adult_business_chair_380769_copy.jpg HTTP 302
  • https://storage.pardot.com/45292/149564/adult_business_chair_380769_copy.jpg

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request turnitin-and-gdpr
go.turnitin.com/ 		32 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.turnitin.com/turnitin-and-gdpr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
054096a2544cdd8c4ac4a09144f3f37025b861da29c002afbeb9ab6dee86dc1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
7558
Content-Type
text/html; charset=utf-8
Date
Wed, 11 Jan 2023 15:01:57 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma
no-cache
status
404 Not Found
vary
Accept-Encoding,User-Agent
x-pardot-canary
true
x-pardot-rsp
0/0/1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: go.turnitin.com
URL: https://go.turnitin.com/turnitin-and-gdpr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 02:36:39 GMT
x-content-type-options
nosniff
age
44719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95786
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 02:36:39 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,500,300italic,400italic
Requested by
Host: go.turnitin.com
URL: https://go.turnitin.com/turnitin-and-gdpr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc8374926c36f379e7f0f70fd61ac4278db9fbcbd9be8da6244f049cb7e16e35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Jan 2023 15:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 15:01:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Jan 2023 15:01:58 GMT
turnitin_logo.svg
storage.pardot.com/45292/1614291050Zvivrhel/
Redirect Chain
  • https://go.pardot.com/l/45292/2014-05-16/k8h/45292/1932/turnitin_logo.jpg
  • https://storage.pardot.com/45292/1614291050Zvivrhel/turnitin_logo.svg
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.pardot.com/45292/1614291050Zvivrhel/turnitin_logo.svg
Requested by
Host: go.turnitin.com
URL: https://go.turnitin.com/turnitin-and-gdpr
Protocol
H2
Server
2600:9000:211a:7800:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed96ffd7ce010f9265b88de61e902d6ed9cf84435c1af4a2759ebf6856e4e0cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 10:47:17 GMT
x-amz-version-id
6XML3jNagyo7WkpluV7hWeE6u3Ox.qj7
via
1.1 fadd210e8fada96866356688e5524d10.cloudfront.net (CloudFront)
last-modified
Thu, 25 Feb 2021 22:10:51 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
15282
etag
"33bf2723154dcadb5bf87f669e12d8eb"
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-replication-status
COMPLETED
accept-ranges
bytes
x-robots-tag
none
content-length
2866
x-amz-cf-id
Qge1jhbtXDWiAiZeb-lZpTpG2HoSdNo0Fqdh5-HBspKTr3WTjmkGAg==

Redirect headers

Date
Wed, 11 Jan 2023 15:01:58 GMT
content-security-policy
sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-scripts allow-top-navigation allow-top-navigation-by-user-activation
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
Server
PardotServer
vary
Accept-Encoding,User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location
https://storage.pardot.com/45292/1614291050Zvivrhel/turnitin_logo.svg
Content-Type
text/html; charset=UTF-8
cache-control
max-age=600
Connection
keep-alive
x-robots-tag
none
Content-Length
138
expires
Wed, 11 Jan 2023 15:11:58 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: go.turnitin.com
URL: https://go.turnitin.com/turnitin-and-gdpr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-120.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Wed, 11 Jan 2023 15:01:58 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116423
gtm.js
www.googletagmanager.com/ 		394 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKRDZM
Requested by
Host: go.turnitin.com
URL: https://go.turnitin.com/turnitin-and-gdpr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c476348bcc3deabc4a68fa749a7bee77f38be98cf6d163c60fc37c56336b5f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 15:01:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103112
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 11 Jan 2023 15:01:58 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,300italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.turnitin.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 01:58:46 GMT
x-content-type-options
nosniff
age
565392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:58:46 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-127.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
date
Wed, 11 Jan 2023 15:01:58 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3DA20F33DFB043F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=10435
accept-ranges
bytes
content-length
948
x-amz-id-2
g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=
adult_business_chair_380769_copy.jpg
storage.pardot.com/45292/149564/
Redirect Chain
  • https://go.turnitin.com/l/45292/2018-04-20/bg43tp/45292/149564/adult_business_chair_380769_copy.jpg
  • https://storage.pardot.com/45292/149564/adult_business_chair_380769_copy.jpg
367 KB
368 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.pardot.com/45292/149564/adult_business_chair_380769_copy.jpg
Requested by
Host: go.turnitin.com
URL: https://go.turnitin.com/turnitin-and-gdpr
Protocol
H2
Server
2600:9000:211a:7800:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c270270cd0943dc05d6f3932f7a8c477d3eb2add255a94654f2772639d89144

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 15:01:59 GMT
x-amz-version-id
null
via
1.1 fadd210e8fada96866356688e5524d10.cloudfront.net (CloudFront)
last-modified
Fri, 20 Apr 2018 12:51:37 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
etag
"33d69ebb8f8602b78e228e6f953daf82"
x-cache
Miss from cloudfront
content-type
image/jpeg; charset=binary
accept-ranges
bytes
content-length
375482
x-amz-cf-id
G3nRcu3JTa74elUA63nIgd4UEj6DBYl6-U34CafXwWJIs0ekzUypNQ==

Redirect headers

Date
Wed, 11 Jan 2023 15:01:58 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
Server
PardotServer
vary
Accept-Encoding,User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location
https://storage.pardot.com/45292/149564/adult_business_chair_380769_copy.jpg
Content-Type
text/html; charset=UTF-8
cache-control
max-age=600
Connection
keep-alive
x-robots-tag
none
x-pardot-canary
true
Content-Length
144
expires
Wed, 11 Jan 2023 15:11:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,300italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.turnitin.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 19:33:00 GMT
x-content-type-options
nosniff
age
588538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 19:33:00 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,300italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.turnitin.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 16:02:47 GMT
x-content-type-options
nosniff
age
82751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17508
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 16:02:47 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-4e4c60806f020efc/ 		789 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-4e4c60806f020efc/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7fa43bf4c24487f3865cbc6498592089b802eb4db53effbef508299b8555e7c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 15:01:58 GMT
content-encoding
gzip
etag
227330493--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=57, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
346
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=63becf6678e019fb&bkl=0&bl=1&pdt=639&sid=63becf6678e019fb&pub=ra-4e4c60806f020efc&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=go.turnitin.com&fp=turnitin-and-gdpr&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1673449318494&jsl=1&uvs=63becf66283ed684000&skipb=1&callback=addthis.cbs.jsonp__38290155601998890
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4ac6c435529a3eb77bf4beba331a3a33c63a8fcc462e8ed365274f79774f07c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 15:01:58 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 67CC 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame CC2E 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-120.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://go.turnitin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Wed, 11 Jan 2023 15:01:58 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-120.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Wed, 11 Jan 2023 15:01:58 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: go.turnitin.com
URL: https://go.turnitin.com/turnitin-and-gdpr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 11 Jan 2023 15:01:59 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Tue, 10 Jan 2023 05:22:55 GMT
Server
PardotServer
etag
"1547-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1946
expires
Fri, 10 Jan 2025 15:01:59 GMT
analytics
pi.pardot.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=1100839210&visitor_id_sign=d013e9121aa546b3f5d89950d8a747347204236c40ddb596f3e5c64f2f8527e118159291bb71730d1c4e983fb113afcf5f063710&pi_opt_in=&campaign_id=60040&account_id=46292&title=&url=https%3A%2F%2Fgo.turnitin.com%2Fturnitin-and-gdpr&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
89150e4ac3ac1779f20c72fdd50ce6186759e86407dfba420f0e4711acc7d62c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 11 Jan 2023 15:02:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
x-pardot-canary
true
Content-Length
549
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
go.turnitin.com/ 		50 B
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.turnitin.com/analytics?conly=true&visitor_id=1100839210&visitor_id_sign=d013e9121aa546b3f5d89950d8a747347204236c40ddb596f3e5c64f2f8527e118159291bb71730d1c4e983fb113afcf5f063710&pi_opt_in=&campaign_id=60040&account_id=46292&title=&url=https%3A%2F%2Fgo.turnitin.com%2Fturnitin-and-gdpr&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=1100839210&visitor_id_sign=d013e9121aa546b3f5d89950d8a747347204236c40ddb596f3e5c64f2f8527e118159291bb71730d1c4e983fb113afcf5f063710&pi_opt_in=&campaign_id=60040&account_id=46292&title=&url=https%3A%2F%2Fgo.turnitin.com%2Fturnitin-and-gdpr&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.turnitin.com/turnitin-and-gdpr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 11 Jan 2023 15:02:00 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| $ function| jQuery string| piAId string| piCId string| piHostname object| dataLayer object| google_tag_manager object| google_tag_data function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| acc object| addthis_config object| addthis_share function| onYouTubeIframeAPIReady boolean| __@@##MUH object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start number| c_end string| property function| piResponse

9 Cookies

Domain/Path Name / Value
go.turnitin.com/ Name: visitor_id45292
Value: 1100839210
go.turnitin.com/ Name: visitor_id45292-hash
Value: d013e9121aa546b3f5d89950d8a747347204236c40ddb596f3e5c64f2f8527e118159291bb71730d1c4e983fb113afcf5f063710
go.turnitin.com/ Name: __atuvc
Value: 1%7C2
go.turnitin.com/ Name: __atuvs
Value: 63becf66283ed684000
.addthis.com/ Name: uvc
Value: 1%7C2
.addthis.com/ Name: loc
Value: MDAwMDBFVURFSEUyMjkxMTg3OTAwMzAwMDBDSA==
.pardot.com/ Name: visitor_id45292
Value: 1100839210
.pardot.com/ Name: visitor_id45292-hash
Value: d013e9121aa546b3f5d89950d8a747347204236c40ddb596f3e5c64f2f8527e118159291bb71730d1c4e983fb113afcf5f063710
pi.pardot.com/ Name: lpv45292
Value: aHR0cHM6Ly9nby50dXJuaXRpbi5jb20vdHVybml0aW4tYW5kLWdkcHI%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
go.pardot.com
go.turnitin.com
m.addthis.com
pi.pardot.com
s7.addthis.com
storage.pardot.com
v1.addthisedge.com
www.googletagmanager.com
z.moatads.com
s7.addthis.com
104.111.216.120
18.208.125.13
23.203.125.127
2600:9000:211a:7800:d:7e9b:1200:93a1
2a00:1450:4001:813::200a
2a00:1450:4001:82b::200a
2a00:1450:400d:802::2008
2a00:1450:400d:806::2003
52.54.96.194
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
054096a2544cdd8c4ac4a09144f3f37025b861da29c002afbeb9ab6dee86dc1b
1c270270cd0943dc05d6f3932f7a8c477d3eb2add255a94654f2772639d89144
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
4ac6c435529a3eb77bf4beba331a3a33c63a8fcc462e8ed365274f79774f07c2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7fa43bf4c24487f3865cbc6498592089b802eb4db53effbef508299b8555e7c5
89150e4ac3ac1779f20c72fdd50ce6186759e86407dfba420f0e4711acc7d62c
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
c476348bcc3deabc4a68fa749a7bee77f38be98cf6d163c60fc37c56336b5f1b
dc8374926c36f379e7f0f70fd61ac4278db9fbcbd9be8da6244f049cb7e16e35
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
ed96ffd7ce010f9265b88de61e902d6ed9cf84435c1af4a2759ebf6856e4e0cc
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef