urlscan.io logo urlscan.io
SecurityTrails logo

www.coursehero.com Open in urlscan Pro
104.17.143.115  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.coursehero.com/file/83694831/ENVSOCTY-1HB3-Winter-2021-Midterm-1-ONLINE-Study-Guide-1pdf/
Submission: On September 30 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 104.17.143.115, located in and belongs to CLOUDFLARENET, US. The main domain is www.coursehero.com. The Cisco Umbrella rank of the primary domain is 33372.
TLS certificate: Issued by WE1 on September 29th 2024. Valid for: 3 months.
This is the only time www.coursehero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 104.17.143.115 13335 (CLOUDFLAR...)
3 104.19.230.21 13335 (CLOUDFLAR...)
8 3
Apex Domain
Subdomains		 Transfer
5 coursehero.com
www.coursehero.com — Cisco Umbrella Rank: 33372
92 KB
3 hcaptcha.com
js.hcaptcha.com — Cisco Umbrella Rank: 8455
newassets.hcaptcha.com — Cisco Umbrella Rank: 6243
47 KB
8 2
Domain Requested by
5 www.coursehero.com www.coursehero.com
2 newassets.hcaptcha.com js.hcaptcha.com
1 js.hcaptcha.com www.coursehero.com
8 3

This site contains no links.

Subject Issuer Validity Valid
coursehero.com
WE1		 2024-09-29 -
2024-12-28		 3 months crt.sh
hcaptcha.com
WE1		 2024-09-07 -
2024-12-06		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.coursehero.com/file/83694831/ENVSOCTY-1HB3-Winter-2021-Midterm-1-ONLINE-Study-Guide-1pdf/
Frame ID: C1B8853C034C0AB0E41FF56541DC54EC
Requests: 4 HTTP requests in this frame

Frame: https://www.coursehero.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=12-14179963-0%20NNNY%20RT%281727677967471%204%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U24&incident_id=1801000180037722743-67463688546223244&edet=12&cinfo=0e0000009ef4&rpinfo=0&cts=9DqJZ6RSsxhMnRf6Msqyid9xc3RuSNSNZ33s3NqkV0FoVI7Q3SBxbMdlFouwP0Pr&cip=167.114.209.103&mth=GET
Frame ID: AC6A8A61A2F725BD0144834CE29CEA46
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/70b4624/static/hcaptcha.html
Frame ID: 06A999B52B98F5E8EDF9AD92653458AC
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/70b4624/static/hcaptcha.html
Frame ID: 3DC85CC2808D9C6B4E081A58C4A1448E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

139 kB
Transfer

423 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.coursehero.com/file/83694831/ENVSOCTY-1HB3-Winter-2021-Midterm-1-ONLINE-Study-Guide-1pdf/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.coursehero.com/file/83694831/ENVSOCTY-1HB3-Winter-2021-Midterm-1-ONLINE-Study-Guide-1pdf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.143.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb8e6e6c97d1871a66aa904e9210661e6c27c3f8730ef9e6a8e5af177baa8cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
cf-cache-status
BYPASS
cf-ray
8cb22d835c90ac27-YYZ
content-encoding
br
content-type
text/html
date
Mon, 30 Sep 2024 06:32:47 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-iinfo
12-14179963-0 NNNY RT(1727677967471 4) q(0 -1 -1 0) r(0 -1) B12(14,0,0) U24
Ifainesse-What-mine-Alasterd-the-How-I-haile-Lad
www.coursehero.com/ 		242 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coursehero.com/Ifainesse-What-mine-Alasterd-the-How-I-haile-Lad
Requested by
Host: www.coursehero.com
URL: https://www.coursehero.com/file/83694831/ENVSOCTY-1HB3-Winter-2021-Midterm-1-ONLINE-Study-Guide-1pdf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.143.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5177dcd86f43e22513cd0ad40019c35bfc029baa8ed334fdfec313800f46d2cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.coursehero.com/file/83694831/ENVSOCTY-1HB3-Winter-2021-Midterm-1-ONLINE-Study-Guide-1pdf/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
45-14700784-0 0CNN RT(1727674011229 70067) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-encoding
gzip
cf-cache-status
HIT
etag
"e8cc1a14"
x-cdn
Imperva
cf-ray
8cb22d83fcd7ac27-YYZ
accept-ranges
bytes
content-length
80307
date
Mon, 30 Sep 2024 06:32:48 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
_Incapsula_Resource
www.coursehero.com/ Frame AC6A 		14 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.coursehero.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=12-14179963-0%20NNNY%20RT%281727677967471%204%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U24&incident_id=1801000180037722743-67463688546223244&edet=12&cinfo=0e0000009ef4&rpinfo=0&cts=9DqJZ6RSsxhMnRf6Msqyid9xc3RuSNSNZ33s3NqkV0FoVI7Q3SBxbMdlFouwP0Pr&cip=167.114.209.103&mth=GET
Requested by
Host: www.coursehero.com
URL: https://www.coursehero.com/file/83694831/ENVSOCTY-1HB3-Winter-2021-Midterm-1-ONLINE-Study-Guide-1pdf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.143.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d10195b6192d7222d0f60ad0c814b5ba1123c1e9274f2edfc864b9fd58eb82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.coursehero.com/file/83694831/ENVSOCTY-1HB3-Winter-2021-Midterm-1-ONLINE-Study-Guide-1pdf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8cb22d843d0fac27-YYZ
content-encoding
br
content-type
text/html
date
Mon, 30 Sep 2024 06:32:48 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
noindex
api.js
js.hcaptcha.com/1/ Frame AC6A 		147 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hcaptcha.com/1/api.js
Requested by
Host: www.coursehero.com
URL: https://www.coursehero.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=12-14179963-0%20NNNY%20RT%281727677967471%204%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U24&incident_id=1801000180037722743-67463688546223244&edet=12&cinfo=0e0000009ef4&rpinfo=0&cts=9DqJZ6RSsxhMnRf6Msqyid9xc3RuSNSNZ33s3NqkV0FoVI7Q3SBxbMdlFouwP0Pr&cip=167.114.209.103&mth=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9034a1ad067da69459a1baac888cfdd2c9320148f2546cec38ffd0dd3347ce5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.coursehero.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=300
content-encoding
gzip
cf-cache-status
HIT
etag
"b297a25274fa29ee7831811fa37482b1"
age
0
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
cf-ray
8cb22d85392f542b-YYZ
accept-ranges
bytes
content-length
48091
date
Mon, 30 Sep 2024 06:32:48 GMT
content-type
application/javascript
vary
Origin, Accept-Encoding
server
cloudflare
truncated
/ Frame AC6A 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
319e64e17fc7abe48cf91f1ca2ad7c30ae19ba567c4bc485aa9b2c0ebaa82ba7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame AC6A 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b50694451592ee45ab4426afb035555eb0d3d927c49e9a403e0f5f714dc179d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/70b4624/static/ Frame 06A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/70b4624/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.coursehero.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8cb22d864c80ac81-YYZ
content-encoding
br
content-security-policy
report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type
text/html
date
Mon, 30 Sep 2024 06:32:48 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Origin
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/70b4624/static/ Frame 3DC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/70b4624/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.coursehero.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8cb22d864c80ac81-YYZ
content-encoding
br
content-security-policy
report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type
text/html
date
Mon, 30 Sep 2024 06:32:48 GMT
server
cloudflare
vary
Accept-Encoding Origin
x-content-type-options
nosniff
Ifainesse-What-mine-Alasterd-the-How-I-haile-Lad
www.coursehero.com/ 		758 B
867 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.coursehero.com/Ifainesse-What-mine-Alasterd-the-How-I-haile-Lad?d=www.coursehero.com
Requested by
Host: www.coursehero.com
URL: https://www.coursehero.com/Ifainesse-What-mine-Alasterd-the-How-I-haile-Lad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.143.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec66f5b3f5c0a50c912a34e255b95680e9f60dc555aa5b7cc26fd025909dbd20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.coursehero.com/file/83694831/ENVSOCTY-1HB3-Winter-2021-Midterm-1-ONLINE-Study-Guide-1pdf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json; charset=utf-8
Content-Type
text/plain; charset=utf-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
11-19220923-19240667 NNNN CT(8 14 0) RT(1727677774308 193341) q(0 0 0 -1) r(0 1) U6
cache-control
no-cache, no-store
content-encoding
br
cf-cache-status
DYNAMIC
x-cdn
Imperva
cf-ray
8cb22d876ed6ac27-YYZ
access-control-allow-origin
*
server-timing
bon, total;dur=17.992673
date
Mon, 30 Sep 2024 06:32:48 GMT
content-type
application/json
server
cloudflare
favicon.ico
www.coursehero.com/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.coursehero.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.143.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f2592c9da8332e15f37c12aa993e7be22f8694fef41a1aa2a0f7942ec41901
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' flashcardmachine.com *.flashcardmachine.com sixredmarbles.com *.sixredmarbles.com *.cliffsnotes.com www.staging.cliffsnotes.com *.bartleby.com; report-uri https://api.coursehero.com/v1/csp-report-forwarder
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.coursehero.com/file/83694831/ENVSOCTY-1HB3-Winter-2021-Midterm-1-ONLINE-Study-Guide-1pdf/

Response headers

content-encoding
gzip
ch-request-id
a3d48abe-4330-413e-aa9e-2e651a059ecd
etag
"3aee-61c4adc184680-gzip"
age
7710332
cf-cache-status
HIT
expires
Thu, 03 Jul 2025 00:47:16 GMT
date
Mon, 30 Sep 2024 06:32:48 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 02 Jul 2024 22:01:46 GMT
vary
Accept-Encoding,Accept-Encoding,User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
4-56641762-56783101 NNNN CT(42 495 0) RT(1719966065564 1569758) q(0 0 5 -1) r(6 6) U24
content-security-policy
frame-ancestors 'self' flashcardmachine.com *.flashcardmachine.com sixredmarbles.com *.sixredmarbles.com *.cliffsnotes.com www.staging.cliffsnotes.com *.bartleby.com; report-uri https://api.coursehero.com/v1/csp-report-forwarder
cache-control
max-age=31536000
x-mono
monolith.monolith.svc.cluster.local
x-envoy-upstream-service-time
9
x-cdn
Imperva
cf-ray
8cb22d87df0fac27-YYZ
accept-ranges
bytes
x-response-server
kraken
content-length
2931
server
cloudflare

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| reese84 function| a1_0x4bf2 function| a1_0x3c2e function| reese84interrogator function| initializeProtection number| reeseScriptLoadCount function| protectionSubmitCaptcha

6 Cookies

Domain/Path Name / Value
www.coursehero.com/ Name: visid_incap_987752
Value: J14H17ABS8KdzUV4HCHYAw9G+mYAAAAAQUIPAAAAAAC0v6UwRe9k+0G/HUbgTfKt
www.coursehero.com/ Name: incap_ses_1801_987752
Value: WkgKXxdt7iF3IpAjH3D+GA9G+mYAAAAAww+vku9CUBecqtLjAG6tNA==
www.coursehero.com/ Name: incap_ses_1290_987752
Value: XPLGXjq34BeEEgrpUQDnEQ9G+mYAAAAAZG4qk9ujZHC8mLtXOx0/bQ==
api2.hcaptcha.com/ Name: __cflb
Value: 0H28vk2VKwPbLoawFincekpozDKK5F2cbPsEZLqFfmo
www.coursehero.com/ Name: nlbi_987752_2147483392
Value: Wb5vJgMPTXyw9MSk5Tz1lQAAAACepOVLK1LTuCzKwlRj2Q6i
.www.coursehero.com/ Name: reese84
Value: 3:vCdh8oXvJtZSaKdll9gfoA==:NH7v/GOjzm7ymdOV0/EtpKC33Lb8oom8WUrYtEl+9xVDulK2xNIZYxCtpkC9HO7j8gubtZUzECdh8ikQHgvIrW+HG3noPRfcnyUcEq5AZJ/o64C5yzxQvJJRihR8WBoqT3dHeywxj3dE9lres1qbERTJFVjDaGU6Doiw6pfLXpCUgmR+qVttDRYH/qEbVkwNSgsbfSYxhf6uNBU2TwB0HpuGsijMMSCBb7iLpoZ07GNFgjSEpaTpPn2R9VDKNL+LInTWrz9rkdQeMefOlvIaqH8DqdrME53P8kvGayKRJ3ZpnvkSjGjcWpo2EJPqTjsDiCf2ZMN0MbGslJpS/XQvM94NBnaRETlxxXZTwW0/NZVdTBsJvIJQJWt9q4wrpasoyuiDV6/1GWBd2mIqDq8yWGCmzDPcV5AqrrLsm1vJGgMyzj7RCSAp9lSl6E6DNp5JlmRR7WstfQStfPkbSLgXAX5HrRLqSm68Kcwmkejx3Y5qZbEJyeYFZ414hoJH1WwxhmPpmttfHZpe0uWpFl/IM5eWcrCkbPyhYjvBLVqYUuSEOVubQQMNpNZEMHRyLrUno/3OzUBMLrpiM33JhuPUOI44a84F9C8UP1ti+bAAj0k=:BBgc81H+eVvRrCAZy0rVVk2w3AHk9APIjDu7voG7LsY=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload