discord.com
Open in
urlscan Pro
162.159.137.232
Public Scan
Effective URL: https://discord.com/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fdev.discordsecurity.io%2Fdiscord%...
Submission: On September 09 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 19th 2021. Valid for: a year.
This is the only time discord.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 103.115.13.195 103.115.13.195 | 137199 (EMERGE-AS...) (EMERGE-AS-AP Emerge Internet) | |
1 38 | 162.159.137.232 162.159.137.232 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
37 | 2 |
ASN137199 (EMERGE-AS-AP Emerge Internet, AU)
cname.discordsecurity.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
38 |
discord.com
1 redirects
discord.com |
2 MB |
2 |
discordsecurity.io
2 redirects
cname.discordsecurity.io |
389 B |
37 | 2 |
Domain | Requested by | |
---|---|---|
38 | discord.com |
1 redirects
discord.com
|
2 | cname.discordsecurity.io | 2 redirects |
37 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-01-19 - 2022-01-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://discord.com/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fdev.discordsecurity.io%2Fdiscord%2Fcallback&scope=identify&state=eyJ1cmwiOiJjbmFtZS5kaXNjb3Jkc2VjdXJpdHkuaW8ifQ&client_id=833270938308313128
Frame ID: D6219F316554B68F09C846C0EC605C63
Requests: 39 HTTP requests in this frame
Screenshot
Page Title
Authorize access to your accountPage URL History Show full URLs
-
https://cname.discordsecurity.io/
HTTP 302
https://cname.discordsecurity.io/discord HTTP 302
https://discord.com/api/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fdev.disco... HTTP 302
https://discord.com/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fdev.discordse... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://cname.discordsecurity.io/
HTTP 302
https://cname.discordsecurity.io/discord HTTP 302
https://discord.com/api/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fdev.discordsecurity.io%2Fdiscord%2Fcallback&scope=identify&state=eyJ1cmwiOiJjbmFtZS5kaXNjb3Jkc2VjdXJpdHkuaW8ifQ&client_id=833270938308313128 HTTP 302
https://discord.com/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fdev.discordsecurity.io%2Fdiscord%2Fcallback&scope=identify&state=eyJ1cmwiOiJjbmFtZS5kaXNjb3Jkc2VjdXJpdHkuaW8ifQ&client_id=833270938308313128 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
authorize
discord.com/oauth2/ Redirect Chain
|
4 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0.daebe526f4356d64a05f.css
discord.com/assets/ |
1 MB 272 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a843712b46c9a91b185d.js
discord.com/assets/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
e7027049a1f5d8e73cd1.js
discord.com/assets/ |
386 KB 119 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
08a4cfeea7c548cb757d.js
discord.com/assets/ |
156 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
e3ba4c97d62f208968c5.js
discord.com/assets/ |
6 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
experiments
discord.com/api/v9/ |
3 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
529c42ebd750b0223185.js
discord.com/assets/ |
32 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a6b58152351bab87934f.js
discord.com/assets/ |
39 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ae2359dc5a7bf980130b.js
discord.com/assets/ |
35 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
304f39f152aa89c78cc6.js
discord.com/assets/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5047835d51b900afe14a.worker.js
discord.com/assets/ |
8 KB 4 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
532ee7a6aded42994eb9.js
discord.com/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
science
discord.com/api/v9/ |
0 564 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
c8f0b54f79a9fd1ef60ad74c73a1ee1a.png
discord.com/assets/ |
47 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
22fd790491653d837422d80e3500cf92.svg
discord.com/assets/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
logout
discord.com/api/v9/auth/ |
43 B 850 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
experiments
discord.com/api/v9/ |
3 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
logout
discord.com/api/v9/auth/ |
43 B 842 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b2a376916b47da3b2d8f.js
discord.com/assets/ |
399 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6ea1724a5bbdf35e5990.js
discord.com/assets/ |
606 KB 132 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
984dca68d7643e22de96.js
discord.com/assets/ |
125 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b308739411cd79650e9b.js
discord.com/assets/ |
103 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
01f7c69e35508bc87309.js
discord.com/assets/ |
278 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5047835d51b900afe14a.worker.js
discord.com/assets/ |
8 KB 4 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
science
discord.com/api/v9/ |
0 563 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
e8acd7d9bf6207f99350ca9f9e23b168.woff
discord.com/assets/ |
76 KB 34 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
88055567e3d928bcb1e67e967081572e.woff
discord.com/assets/ |
61 KB 62 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3bdef1251a424500c1b3a78dea9b7e57.woff
discord.com/assets/ |
75 KB 34 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
be0060dafb7a0e31d2a1ca17c0708636.woff
discord.com/assets/ |
81 KB 36 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
location-metadata
discord.com/api/v9/auth/ |
119 B 666 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
science
discord.com/api/v9/ |
0 565 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
092b071c3b3141a58787415450c27857.png
discord.com/assets/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
experiments
discord.com/api/v9/ |
3 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5047835d51b900afe14a.worker.js
discord.com/assets/ |
8 KB 4 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
science
discord.com/api/v9/ |
0 566 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
092b071c3b3141a58787415450c27857.png
discord.com/assets/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
85 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster boolean| __OVERLAY__ boolean| __BILLING_STANDALONE__ object| GLOBAL_ENV object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ object| DiscordSentry function| _ object| platform object| IntlPolyfill object| __SECRET_EMOTION__ object| __localeData__2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
discord.com/ | Name: __dcfduid Value: 217c2266111a11eca6e642010a0a0749 |
|
discord.com/ | Name: __sdcfduid Value: 217c2266111a11eca6e642010a0a07495850bb244d5532c74f2bdcd29f440db17de587faf1f6b6bddc789ada8437f1af |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'nonce-MTMyLDIzNSwxNCwxNjksMjE4LDExNCwyMDMsMTEx' https://cdn.discordapp.com/animations/ https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/ https://*.hcaptcha.com https://hcaptcha.com https://js.stripe.com https://js.braintreegateway.com https://assets.braintreegateway.com https://www.paypalobjects.com https://checkout.paypal.com; style-src 'self' 'unsafe-inline' https://cdn.discordapp.com https://*.hcaptcha.com https://hcaptcha.com; img-src 'self' blob: data: https://*.discordapp.net https://*.discordapp.com https://*.discord.com https://i.scdn.co https://i.ytimg.com https://i.imgur.com https://*.gyfcat.com https://media.tenor.co https://media.tenor.com https://c.tenor.com https://*.youtube.com https://*.giphy.com https://static-cdn.jtvnw.net https://pbs.twimg.com https://assets.braintreegateway.com https://checkout.paypal.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://status.discordapp.com https://status.discord.com https://support.discordapp.com https://support.discord.com https://discordapp.com https://discord.com https://cdn.discordapp.com https://media.discordapp.net https://router.discordapp.net wss://*.discord.gg https://best.discord.media https://latency.discord.media wss://*.discord.media wss://dealer.spotify.com https://api.spotify.com https://sentry.io https://api.twitch.tv https://api.stripe.com https://api.braintreegateway.com https://client-analytics.braintreegateway.com https://origin-analytics-prod.production.braintree-api.com https://payments.braintree-api.com https://www.googleapis.com https://*.algolianet.com https://*.hcaptcha.com https://hcaptcha.com https://*.algolia.net ws://127.0.0.1:* http://127.0.0.1:*; media-src 'self' blob: https://*.discordapp.net https://*.discord.com https://*.discordapp.com https://*.youtube.com https://streamable.com https://vid.me https://*.gfycat.com https://twitter.com https://oddshot.akamaized.net https://*.giphy.com https://i.imgur.com https://media.tenor.co https://media.tenor.com https://c.tenor.com; frame-src https://discordapp.com/domain-migration discord: https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/ https://*.hcaptcha.com https://hcaptcha.com https://js.stripe.com https://hooks.stripe.com https://checkout.paypal.com https://assets.braintreegateway.com https://player.twitch.tv https://clips.twitch.tv/embed https://player.vimeo.com https://www.youtube.com/embed/ https://twitter.com/i/videos/ https://www.funimation.com/player/ https://www.redditmedia.com/mediaembed/ https://open.spotify.com/embed/ https://w.soundcloud.com/player/ https://audius.co/embed/ https://*.watchanimeattheoffice.com https://localhost:* https://*.discordsays.com; child-src 'self' https://assets.braintreegateway.com https://checkout.paypal.com; |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cname.discordsecurity.io
discord.com
103.115.13.195
162.159.137.232
08ff45ec9d6f34f486eb06e9051ff7ed208c12a62d73e75ad4612cd44d18b7ca
09684d24f65c50caafea52eec5b77e9f7465ae201fa6253f2267d3c937aa9836
0e9a97ab8ee2408a80d5d42ea49fc1cbf291f71a11a3a1728418074087709754
0f124c1f9ebcd78817a9e6f5fbd5b0fe466b1356b92405ec1670b14448f816f5
0f823bc4b56f481fbceab4158d855e5d11628198a9e404b827b755fe45d4d1c4
1e5b681a64250fa170140bf64af835912f6caa1ab50499607536d87c90a5fcd0
2b208e19d66f1a3b80a22906ba1bc4339a3598ebb54bfb4b7b6930fcbd6d9058
3496cfee907c7b1e2606f74696da59c4d93adbdf4d8a5016304f0e9f01922cd1
37067095751dc111ab5cb735567ace0b57e5d89554f46677c6f310545c949604
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
54b40c01e6debf4efd16eae09414d2b75cd0e2a546335d4042eff784abfd1fde
62128c9d2ee649978468c0902fa499c37849b1aff7838883c4a5edd7cbc79981
641b1091276ba75578c3d93f367f0d70bcbba7c62a7f159c4307acf0ed6c5cbe
774085c73d7aeecdd59894443d83d16b7e4e731c89420ca9f7356a5c9c928056
7a0545bd62555ca0cef2b395142629ae38d0e6668bc3ab684f9fad4aab7977db
7aa3ed66d7f4b15384629b2179fed29c6b6577ce88b118a2934a1f99aa7019aa
7cc345af8a3ace8e039f9f2b659ad0411d3da20afb55e14977418a93e9cb377b
8164249c6e26be64cbd238c36637c18736ee9a1cdf18e9bb4a71a9bbda311b72
868d043fdd3b7fd29c7bb3c3a1ca3b0cf35c1457fd2b0e4335fd8653fa4f9d72
86fc92fdfb9c278a76d1f36bba788a538dfd3bd2bf635cbbc2bc6702068c64c3
89d1e62012d63d7775d6ebc9a879b6208824485b2912f67f36e9d1036ad7520c
8ae8119962b9358ab934ffb612e634fa23ca462c720c8915a8306c4c984d1cba
9231ab6a48732396feaa62c4ed6d5419cee16ef5657e97a779041cb0a612d0ff
b27d3fb3f7e20e1ced374b169c89b4010a01ad6de8923278c61b6095aafd0f80
ba33ed18fe9c110039549c2b17fee622de2b27d90cfd4a375bd0184174705fae
d494d5aa9ac72cc52a06f4880590f0a3f5235269bfa3cdcdd9180899e2ba7412
d6b607222aec0243ac547c65de0a4f0136598f96f95233379448be824b0c3d03
e1a7aaa8cad72a69edd22982a7d96dfd89da9fbe8e493f281b7306442fd69206
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144
fd79ee1b3cec35c58344e12d5e530a772f33d87ce52a7460c18d7960f89d7c78