www.coursera.org - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 18.173.187.14, located in United States and belongs to AMAZON-02, US. The main domain is www.coursera.org. The Cisco Umbrella rank of the primary domain is 28169.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 23rd 2023. Valid for: a year.

This is the only time www.coursera.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	18.173.187.14 18.173.187.14	16509 (AMAZON-02) (AMAZON-02)
1	16.182.97.161 16.182.97.161	16509 (AMAZON-02) (AMAZON-02)
3	2

2 18.173.187.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-14.muc50.r.cloudfront.net

www.coursera.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.182.97.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

coursera.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	coursera.org www.coursera.org — Cisco Umbrella Rank: 28169	4 KB
1	amazonaws.com coursera.s3.amazonaws.com	6 KB
3	2

	Domain	Requested by
2	www.coursera.org
1	coursera.s3.amazonaws.com	www.coursera.org
3	2

This site contains no links.

Subject Issuer	Validity	Valid
coursera.org Amazon RSA 2048 M02	`2023-06-23` - `2024-07-21`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.coursera.org/learn/detection-and-response/supplement/ZkXDx/analyze-indicators-of-compromise-with-investigative-tools
Frame ID: 00395A40D875CCDDD2C03295DECB98CF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coursera - Sorry, we are down for maintenance.

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

10 kB
Transfer

21 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 500 Primary Request analyze-indicators-of-compromise-with-investigative-tools Show response
www.coursera.org/learn/detection-and-response/supplement/ZkXDx/ 1020 B
1 KB 252ms
146ms Document
text/html 18.173.187.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coursera.org/learn/detection-and-response/supplement/ZkXDx/analyze-indicators-of-compromise-with-investigative-tools
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-14.muc50.r.cloudfront.net
Software: /
Resource Hash: e542d2102248d62576e1a811be95cb84eaf3a728e2c6bfb788ef4943ab68b1d7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 1020
content-type: text/html
date: Thu, 11 Apr 2024 17:40:49 GMT
via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
x-amz-cf-id: mW6xmodC0jtLJh4zl8ULZ_nEQQkHhm7h_hYge5gTplRAKd2FXhXOEA==
x-amz-cf-pop: MUC50-P4
x-cache: Error from cloudfront

GET
H/1.1 200
OK coursera-logo.svg
coursera.s3.amazonaws.com/error_pages/ 5 KB
6 KB 382ms
137ms Image
image/svg+xml 16.182.97.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coursera.s3.amazonaws.com/error_pages/coursera-logo.svg
Requested by: Host: www.coursera.org
URL: https://www.coursera.org/learn/detection-and-response/supplement/ZkXDx/analyze-indicators-of-compromise-with-investigative-tools
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.97.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a81f5cd1db874d181d19bacbea68ab255f266b8a5b55f15229e9a7e9a07e2c9f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.coursera.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 11 Apr 2024 17:40:51 GMT
x-amz-version-id: ucqTnhE8TqJSNh6SpgDfQrEesV3RDrKt
Last-Modified: Wed, 22 Oct 2014 19:59:26 GMT
Server: AmazonS3
x-amz-request-id: J1GHBYB2TSFF2GRX
ETag: "ef65e48dd39d017cec236eaa54e6679e"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5270
x-amz-id-2: Bc5eqOpYyOBv8tLJuusSxYngTxxWF8wwBfxY5PEaIAsV2dcREfePXoNSO9kSnbYWgFxAk5CkrLI=

GET
H2 200 favicon.ico
www.coursera.org/ 15 KB
3 KB 241ms
241ms Other
image/x-icon 18.173.187.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coursera.org/favicon.ico

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-14.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6e736e02c4a67c5cc974c5ea510c4e308939d9c1646b608d50a4674e0d03db8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.coursera.org/learn/detection-and-response/supplement/ZkXDx/analyze-indicators-of-compromise-with-investigative-tools
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 17:40:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
x-amz-version-id: null
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
x-coursera-request-id: ov_sC_gqEe6Ljw7Cbb33eQ
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Jan 2021 18:18:37 GMT
server: AmazonS3
etag: "19b454ad517ab4f46b5c6f648f00588c"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-amz-cf-id: zRItGNz9nCwOdzPOtajSK0dI2ngrs9Y2DvNFp8u6SZgKNdzeQDncMg==
x-coursera-trace-id-hex: 2f1cd6bcd2b05660

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.coursera.org/	1970-01-20 20:02:01	Name: CSRF3-Token Value: 1713721250.nvoNtLmS6lGqMu0T
			.coursera.org/	1970-01-21 04:33:13	Name: __204u Value: 5323061224-1712857250206

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.coursera.org/learn/detection-and-response/supplement/ZkXDx/analyze-indicators-of-compromise-with-investigative-tools Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

coursera.s3.amazonaws.com
www.coursera.org
16.182.97.161
18.173.187.14
6e736e02c4a67c5cc974c5ea510c4e308939d9c1646b608d50a4674e0d03db8a
a81f5cd1db874d181d19bacbea68ab255f266b8a5b55f15229e9a7e9a07e2c9f
e542d2102248d62576e1a811be95cb84eaf3a728e2c6bfb788ef4943ab68b1d7

www.coursera.org Open in urlscan Pro 18.173.187.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

10 kBTransfer

21 kBSize

2 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

www.coursera.org Open in urlscan Pro
18.173.187.14 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

10 kB
Transfer

21 kB
Size

2
Cookies

3 HTTP transactions
0 data transactions