urlscan.io logo urlscan.io
SecurityTrails logo

www.coursehero.com Open in urlscan Pro
104.17.143.115  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.coursehero.com/file/233873078/En-knuff-i-r%C3%A4tt-riktningdocx/
Submission Tags: falconsandbox
Submission: On September 18 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 104.17.143.115, located in and belongs to CLOUDFLARENET, US. The main domain is www.coursehero.com. The Cisco Umbrella rank of the primary domain is 31078.
TLS certificate: Issued by WE1 on August 1st 2024. Valid for: 3 months.
This is the only time www.coursehero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 104.17.143.115 13335 (CLOUDFLAR...)
1 104.19.229.21 13335 (CLOUDFLAR...)
2 104.19.230.21 13335 (CLOUDFLAR...)
8 4
Apex Domain
Subdomains		 Transfer
5 coursehero.com
www.coursehero.com — Cisco Umbrella Rank: 31078
90 KB
3 hcaptcha.com
js.hcaptcha.com — Cisco Umbrella Rank: 7806
newassets.hcaptcha.com — Cisco Umbrella Rank: 5980
47 KB
8 2
Domain Requested by
5 www.coursehero.com www.coursehero.com
2 newassets.hcaptcha.com js.hcaptcha.com
1 js.hcaptcha.com www.coursehero.com
8 3

This site contains no links.

Subject Issuer Validity Valid
coursehero.com
WE1		 2024-08-01 -
2024-10-30		 3 months crt.sh
hcaptcha.com
WE1		 2024-09-07 -
2024-12-06		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.coursehero.com/file/233873078/En-knuff-i-r%C3%A4tt-riktningdocx/
Frame ID: 76D7DC2989D33C37A90D1B2AEB49B2C6
Requests: 4 HTTP requests in this frame

Frame: https://www.coursehero.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=59-62700053-0%20SNNN%20RT%281726678639896%2039086%29%20q%280%20-1%20-1%203%29%20r%281%20-1%29%20B12%2814%2c0%2c0%29%20U24&incident_id=1848000050154848859-308367381979726203&edet=12&cinfo=0e0000001e3c&rpinfo=0&cts=9Ywj0Jfx8YNuuZ4zz3jEm9ZwCijIO5q%2fpfKBskrQdXoIJ2Yo86HrA5S4T5SY6qG9&cip=167.114.209.103&mth=GET
Frame ID: CF7A75AF6AB5ECBDC752B6446AED0D26
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/8524269/static/hcaptcha.html
Frame ID: E6DBB2365CEFCC9EFAF5CC0549C25040
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/8524269/static/hcaptcha.html
Frame ID: 1B4B85878EEE30A200C339135D8CCEE2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

1
Countries

137 kB
Transfer

415 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.coursehero.com/file/233873078/En-knuff-i-r%C3%A4tt-riktningdocx/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.coursehero.com/file/233873078/En-knuff-i-r%C3%A4tt-riktningdocx/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.143.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39bbac79bd5b30399d7e3b7d88e0a06d2462c329641feb0a53bf01bfe9dfe86c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
cf-cache-status
BYPASS
cf-ray
8c52e0d41e183703-YYZ
content-encoding
br
content-type
text/html
date
Wed, 18 Sep 2024 16:57:59 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-iinfo
59-62700053-0 SNNN RT(1726678639896 39086) q(0 -1 -1 3) r(1 -1) B12(14,0,0) U24
Ifainesse-What-mine-Alasterd-the-How-I-haile-Lad
www.coursehero.com/ 		234 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coursehero.com/Ifainesse-What-mine-Alasterd-the-How-I-haile-Lad
Requested by
Host: www.coursehero.com
URL: https://www.coursehero.com/file/233873078/En-knuff-i-r%C3%A4tt-riktningdocx/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.143.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e04be4bdeb32bbb9ffa85ee360717634c763b7dc66044516adea5e209e78e7e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.coursehero.com/file/233873078/En-knuff-i-r%C3%A4tt-riktningdocx/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
61-143794533-0 0CNN RT(1726674763446 114) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-encoding
gzip
cf-cache-status
HIT
etag
"f34eea96"
x-cdn
Imperva
cf-ray
8c52e0d4eeed3703-YYZ
accept-ranges
bytes
content-length
78505
date
Wed, 18 Sep 2024 16:57:59 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
_Incapsula_Resource
www.coursehero.com/ Frame CF7A 		14 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.coursehero.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=59-62700053-0%20SNNN%20RT%281726678639896%2039086%29%20q%280%20-1%20-1%203%29%20r%281%20-1%29%20B12%2814%2c0%2c0%29%20U24&incident_id=1848000050154848859-308367381979726203&edet=12&cinfo=0e0000001e3c&rpinfo=0&cts=9Ywj0Jfx8YNuuZ4zz3jEm9ZwCijIO5q%2fpfKBskrQdXoIJ2Yo86HrA5S4T5SY6qG9&cip=167.114.209.103&mth=GET
Requested by
Host: www.coursehero.com
URL: https://www.coursehero.com/file/233873078/En-knuff-i-r%C3%A4tt-riktningdocx/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.143.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
340f93b7a538531bbcdf3dca2979a8b414d696d5c6bc51a333e9aff1552a6625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.coursehero.com/file/233873078/En-knuff-i-r%C3%A4tt-riktningdocx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8c52e0d58f8f3703-YYZ
content-encoding
br
content-type
text/html
date
Wed, 18 Sep 2024 16:57:59 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
noindex
api.js
js.hcaptcha.com/1/ Frame CF7A 		147 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hcaptcha.com/1/api.js
Requested by
Host: www.coursehero.com
URL: https://www.coursehero.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=59-62700053-0%20SNNN%20RT%281726678639896%2039086%29%20q%280%20-1%20-1%203%29%20r%281%20-1%29%20B12%2814%2c0%2c0%29%20U24&incident_id=1848000050154848859-308367381979726203&edet=12&cinfo=0e0000001e3c&rpinfo=0&cts=9Ywj0Jfx8YNuuZ4zz3jEm9ZwCijIO5q%2fpfKBskrQdXoIJ2Yo86HrA5S4T5SY6qG9&cip=167.114.209.103&mth=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe3d4c2bb7ed13ad75f9a79b537427f459a4d8706f35d1ca90bb5eacbf553c62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.coursehero.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"064efd0e4a91ca790b87beb55b975222"
age
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 16:58:00 GMT
content-type
application/javascript
vary
Origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=300
cross-origin-resource-policy
cross-origin
cf-ray
8c52e0d6ea7aab63-YYZ
accept-ranges
bytes
content-length
48064
server
cloudflare
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/8524269/static/ Frame E6DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/8524269/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.coursehero.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8c52e0d9097254d9-YYZ
content-encoding
br
content-security-policy
report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type
text/html
date
Wed, 18 Sep 2024 16:58:00 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Origin
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/8524269/static/ Frame 1B4B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/8524269/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.coursehero.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8c52e0d9097254d9-YYZ
content-encoding
br
content-security-policy
report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type
text/html
date
Wed, 18 Sep 2024 16:58:00 GMT
server
cloudflare
vary
Accept-Encoding Origin
x-content-type-options
nosniff
truncated
/ Frame CF7A 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
319e64e17fc7abe48cf91f1ca2ad7c30ae19ba567c4bc485aa9b2c0ebaa82ba7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame CF7A 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b50694451592ee45ab4426afb035555eb0d3d927c49e9a403e0f5f714dc179d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Ifainesse-What-mine-Alasterd-the-How-I-haile-Lad
www.coursehero.com/ 		758 B
943 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.coursehero.com/Ifainesse-What-mine-Alasterd-the-How-I-haile-Lad?d=www.coursehero.com
Requested by
Host: www.coursehero.com
URL: https://www.coursehero.com/Ifainesse-What-mine-Alasterd-the-How-I-haile-Lad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.143.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b7cf10268ee2c39a28b377833deecee41a854b1a2734452160cd3ee69dc463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.coursehero.com/file/233873078/En-knuff-i-r%C3%A4tt-riktningdocx/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json; charset=utf-8
Content-Type
text/plain; charset=utf-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
5-4213959-4292526 PNNN RT(1726676184607 2496436) q(0 0 0 0) r(0 0) U6
cache-control
no-cache, no-store
content-encoding
br
cf-cache-status
DYNAMIC
x-cdn
Imperva
cf-ray
8c52e0dd4d813703-YYZ
access-control-allow-origin
*
server-timing
bon, total;dur=3.447833
date
Wed, 18 Sep 2024 16:58:01 GMT
content-type
application/json
server
cloudflare
favicon.ico
www.coursehero.com/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.coursehero.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.143.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f2592c9da8332e15f37c12aa993e7be22f8694fef41a1aa2a0f7942ec41901
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' flashcardmachine.com *.flashcardmachine.com sixredmarbles.com *.sixredmarbles.com *.cliffsnotes.com www.staging.cliffsnotes.com *.bartleby.com; report-uri https://api.coursehero.com/v1/csp-report-forwarder
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.coursehero.com/file/233873078/En-knuff-i-r%C3%A4tt-riktningdocx/

Response headers

content-encoding
gzip
ch-request-id
a3d48abe-4330-413e-aa9e-2e651a059ecd
etag
"3aee-61c4adc184680-gzip"
age
6711045
cf-cache-status
HIT
expires
Thu, 03 Jul 2025 00:47:16 GMT
date
Wed, 18 Sep 2024 16:58:01 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 02 Jul 2024 22:01:46 GMT
vary
Accept-Encoding,Accept-Encoding,User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-iinfo
4-56641762-56783101 NNNN CT(42 495 0) RT(1719966065564 1569758) q(0 0 5 -1) r(6 6) U24
content-security-policy
frame-ancestors 'self' flashcardmachine.com *.flashcardmachine.com sixredmarbles.com *.sixredmarbles.com *.cliffsnotes.com www.staging.cliffsnotes.com *.bartleby.com; report-uri https://api.coursehero.com/v1/csp-report-forwarder
cache-control
max-age=31536000
x-mono
monolith.monolith.svc.cluster.local
x-envoy-upstream-service-time
9
x-cdn
Imperva
cf-ray
8c52e0dd9dc93703-YYZ
accept-ranges
bytes
x-response-server
kraken
content-length
2931
server
cloudflare

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| a1_0x1000 function| a1_0x3e0e object| reese84 function| reese84interrogator function| initializeProtection number| reeseScriptLoadCount function| protectionSubmitCaptcha

7 Cookies

Domain/Path Name / Value
www.coursehero.com/ Name: visid_incap_987752
Value: K1aO4+ONT0SQEkocBDh4tpYG62YAAAAAQUIPAAAAAAC69yJXc/1h7JWK1rkl+Z6h
www.coursehero.com/ Name: incap_ses_1848_987752
Value: QLXlGTAJcExbQmImQWqlGZcG62YAAAAAtOmWtiz4p0l9QAmYPtIefw==
www.coursehero.com/ Name: incap_ses_532_987752
Value: m/lLCPL/ERMvdXYFTwtiB5cG62YAAAAAi3y6+/qVOQSCgqxxvgyLcA==
api2.hcaptcha.com/ Name: __cflb
Value: 0H28vk2VKwPbLoawFincekpozDKK5F2ccjWHmrGJSry
www.coursehero.com/ Name: nlbi_987752_2147483392
Value: OEsbXPUoaV0sua625Tz1lQAAAADrGM7SSZ0ds2qrL0I8cOcS
www.coursehero.com/ Name: incap_ses_1444_987752
Value: 68ECfBMRbDLHPFyvhR4KFJkG62YAAAAAE04K+JO7Hzm+QQx5oZxRtQ==
.www.coursehero.com/ Name: reese84
Value: 3:etuFy9G3tsgqSOmuCPNqXw==:TGbWANzKgbnNmS9Ke/CrCJDX/cn4DIVxi77d+ehEiA2yEbaNNJiKkHHFEaLy8qAIt6pRRRiL4LJ+iVCPDKER+sjX8vwqsTp9LE+c0i2RXadRMkZOgTGuNKpEHhnJFmXdJYfVze2QooAyz29Aqve5mEAYnFC2uuyTNoU6up3UkHc5JKYtW3YD+/lWXUXKB1pSRYlSfuCu227wS0JkTRnNHACHoRuustuA821sp44NLIVB7/e7jLagesGyosD/uj2pWGgw6zfxNOfJqSYVTGkxasT6o7uYUlcLTkFmJgf+AKBiOkMKodPMumJTAzxEIlY7m+sBE+4V9Vknk9PLIAPPUUbLUbkLGlWKpG3nOfVxWCdf4c7J8ORME7L8/SUKQxCJeMRyeXps8POx1+iE2qzZgpIwatcjn/WmgNR3HEDAbRgGvoEJXt8xySgCtUpys7PrZmx9LOvG2l3UeTGxTD/JPgHR5oqWnLqsJlTR4Za+WjNMHyxXac6i2Xu3Dm7TnFOmWtkAbuGgpf2lExbx3yh9eZqH1xeZ9kFlVzCkcX7X+19ACpz0zbgityj1FGcfUE/1Lm0jISlkVBee6qwy98UiMecHyzd/70TD5TNvwQiMfUQ=:mYhgVTeRWLHxTN1X7ZcpvHQStIFgBiBXsQXLODD8mpE=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload