urlscan.io logo urlscan.io
SecurityTrails logo

discource.xyz Open in urlscan Pro
103.179.189.73  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://discource.xyz/
Effective URL: https://discource.xyz/
Submission: On July 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 16 HTTP transactions. The main IP is 103.179.189.73, located in Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is discource.xyz.
TLS certificate: Issued by R3 on July 3rd 2022. Valid for: 3 months.
This is the only time discource.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 103.179.189.73 135905 (VNPT-AS-V...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 103.160.76.46 140766 (FPTCLOUD-...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 9
3    103.179.189.73 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: 103.179.189.73.cloudfly.vn
discource.xyz
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    103.160.76.46 (Viet Nam)

ASN140766 (FPTCLOUD-AS-VN FPT Smart Cloud Company Limited, VN)
career.fpt.edu.vn
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:4001:801::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
5 google.com
apis.google.com — Cisco Umbrella Rank: 162
accounts.google.com — Cisco Umbrella Rank: 116
44 KB
3 discource.xyz
discource.xyz
2 MB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
2 KB
1 gstatic.com
www.gstatic.com
34 KB
1 fpt.edu.vn
career.fpt.edu.vn
41 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 429
24 KB
0 hbgreen.com.vn Failed
hbgreen.com.vn Failed
16 8
Domain Requested by
3 accounts.google.com apis.google.com
discource.xyz
www.gstatic.com
3 discource.xyz 1 redirects discource.xyz
2 apis.google.com discource.xyz
apis.google.com
2 cdnjs.cloudflare.com discource.xyz
2 fonts.googleapis.com discource.xyz
client
1 www.gstatic.com accounts.google.com
1 career.fpt.edu.vn discource.xyz
1 cdn.jsdelivr.net discource.xyz
0 hbgreen.com.vn Failed discource.xyz
16 9

This site contains no links.

Subject Issuer Validity Valid
discource.xyz
R3		 2022-07-03 -
2022-10-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.fpt.edu.vn
GeoTrust RSA CA 2018		 2022-02-16 -
2023-02-07		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://discource.xyz/
Frame ID: 9C80FAAB3C362AA99776DB82BBBD6A88
Requests: 12 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: B7132DB04198E0EB98F4FB71FE273962
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Quản lý thực tập

Page URL History Show full URLs

  1. http://discource.xyz/ HTTP 301
    https://discource.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

16
Requests

88 %
HTTPS

75 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

2004 kB
Transfer

11842 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://discource.xyz/ HTTP 301
    https://discource.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
discource.xyz/
Redirect Chain
  • http://discource.xyz/
  • https://discource.xyz/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://discource.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
103.179.189.73 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.179.189.73.cloudfly.vn
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
07ee1f1ac8ce948695233fc16abd5c9e317af4a8637fde5ce4e05443a61618e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 03 Jul 2022 14:39:18 GMT
ETag
W/"9da-FX1j4xuuj3q+eSZuxD0aRYq/HCM"
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express

Redirect headers

Connection
keep-alive
Content-Length
194
Content-Type
text/html
Date
Sun, 03 Jul 2022 14:39:18 GMT
Location
https://discource.xyz/
Server
nginx/1.14.0 (Ubuntu)
css2
fonts.googleapis.com/ 		26 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: discource.xyz
URL: https://discource.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0745c3820f4c9df416296e2ad33c7c6be13125916cc26eb0d55d94c3b467ecd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discource.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 03 Jul 2022 14:39:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 03 Jul 2022 14:39:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Jul 2022 14:39:21 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
Requested by
Host: discource.xyz
URL: https://discource.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discource.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 14:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3269624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
382
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-50a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erbRMPDL3%2F1VIy4VAmQinmhPsiNWx%2Bk992TrB%2Bh10NQOvn1RcnFPPEEwKwBFHsqfmZDSvBrlvL%2BlRqQyijXYFje%2FzwJlAkaFbNnIuid3m%2Bjw03LvWJP3y8yZ2BVw1qBnvwwZAP4IBn8IsSfHyBOeONoe"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72505ebc6c205c56-FRA
expires
Fri, 23 Jun 2023 14:39:21 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		2 KB
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Requested by
Host: discource.xyz
URL: https://discource.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discource.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 14:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2039431
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
637
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-92d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aKxDZrXaTy6eFaH%2BxhDN4ClhWcChojf6Ti7i3Thh7AR8za8RnEHNp4ObQK3K5yrDqraKYFsFSiJr2jO60o4I%2FfCHTW00F5YddsdXY7OQjAbFwQYDxpRbMXBrGtphYsXJc4QwD7eadf2ddKBc3tpxeDI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72505ebc6c235c56-FRA
expires
Fri, 23 Jun 2023 14:39:21 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: discource.xyz
URL: https://discource.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://discource.xyz/
Origin
https://discource.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 14:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9004657
x-jsd-version
5.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19168-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eA5M%2BTZ4T2nkK2oNniBInw%2B6tqr6Igh0b5clPSUnQr6etQdNJzOCiirqnJWZCfMzYWtf4LVaqTK1s4JE9m%2FPLenZozqlAXNNnWu%2BkzB4p6ZT%2FR5zJe%2F1EiZ7bHNEbVeZ6JKYgBdy%2BoU7DbZZgtM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
72505ebc8f1f5bf5-FRA
bundle.js
discource.xyz/static/js/ 		11 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://discource.xyz/static/js/bundle.js
Requested by
Host: discource.xyz
URL: https://discource.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
103.179.189.73 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
103.179.189.73.cloudfly.vn
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
7eae690ec4b37cbcd728de2c086d340342aa0ae9a8bcfb2417e7d8e94e5293e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discource.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 14:39:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"b33476-6eos3tp0Y1cDMnTVRbDDa8vEoe4"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
*
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
css2
fonts.googleapis.com/ 		2 KB
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Press+Start+2P&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6aa7f955aa8145843757309c7545e3f7b65160c2cacd9bf87d6b053d047305c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discource.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 03 Jul 2022 14:36:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 03 Jul 2022 14:39:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Jul 2022 14:39:24 GMT
Poly.png
career.fpt.edu.vn/Content/images/logo_unit/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://career.fpt.edu.vn/Content/images/logo_unit/Poly.png
Requested by
Host: discource.xyz
URL: https://discource.xyz/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.160.76.46 , Viet Nam, ASN140766 (FPTCLOUD-AS-VN FPT Smart Cloud Company Limited, VN),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
58b9c3d9b5cbff3371db6d13f02650208a5fd4e5fa145d1a875d474e002ea885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discource.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 14:39:24 GMT
Last-Modified
Mon, 16 Nov 2020 17:26:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"06c9e963dbcd61:0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
41536
api.js
apis.google.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: discource.xyz
URL: https://discource.xyz/static/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ea949901347c2d47eee3e4b87b2a01ed7da200797ca5f7833895bc7b2eb898
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discource.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Sun, 03 Jul 2022 14:39:24 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"62022d8722bdbfd3"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Jul 2022 14:39:24 GMT
cumpus
hbgreen.com.vn/api/ 		0
0
smester
hbgreen.com.vn/api/ 		0
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59c7712e75a6f0bbefd0fefa67e85d464cf14bbd7463331f4ba7e0a963ace1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://discource.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 11:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36570
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:25:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Jul 2023 11:50:07 GMT
iframe
accounts.google.com/o/oauth2/ Frame B713 		280 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a85ee7dd5f7f1cacb85743b21eefd17fcb375e396e648dfe6219bb12d961d7c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GSIdopMNiUjroFAEFE54NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://discource.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GSIdopMNiUjroFAEFE54NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 03 Jul 2022 14:39:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame B713 		2 KB
851 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: discource.xyz
URL: https://discource.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
08d4e7973078e39953ab8c1caf6379608ea6092b8dfd2b406a0871ce12b53ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 14:39:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.7oUPIHePKZo.es5.O/d=1/rs=AOaEmlFXteZuKYPTSgEBAzQThn5saXHrpw/ Frame B713 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.7oUPIHePKZo.es5.O/d=1/rs=AOaEmlFXteZuKYPTSgEBAzQThn5saXHrpw/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
447a966f9c3c316da778ae29c2cd3972fa922b00f7b01bd3473c59a4141324a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 05:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34455
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 08:40:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 05:40:24 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame B713 		50 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdiscource.xyz&client_id=116205081385-umqm7s5qlspf4s0tc4jke7tafpvgj2k7.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.7oUPIHePKZo.es5.O/d=1/rs=AOaEmlFXteZuKYPTSgEBAzQThn5saXHrpw/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-hGODpzkN61uRMmh3nYWE6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 14:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-hGODpzkN61uRMmh3nYWE6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
expires
Sun, 03 Jul 2022 14:39:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbgreen.com.vn
URL
http://hbgreen.com.vn/api/cumpus
Domain
hbgreen.com.vn
URL
http://hbgreen.com.vn/api/smester

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| uidEvent object| bootstrap function| webpackHotUpdateduantotnghiep object| __REACT_DEVTOOLS_GLOBAL_HOOK__ boolean| __reactRefreshInjected function| saveAs function| _ object| gapi object| ___jsl object| osapi

2 Cookies

Domain/Path Name / Value
.discource.xyz/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=NdZR5IT9xuR6fOi4FlpnYBm6TI2bGK58KOkQThIfgLIToodHwxFmjCJP-IaMIgW8cmvMIqkF0_nhxdpsDxBIMKzOXcCV5H6E8CHc5JZbNkShploFYL0poS-kWvMXiWymS1PXqI1v7_664Hz0r-vuVXIFE2kY4pJb3u3LR3F5u9w

6 Console Messages

Source Level URL
Text
security error URL: https://discource.xyz/static/js/bundle.js(Line 55150)
Message:
Mixed Content: The page at 'https://discource.xyz/login' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://hbgreen.com.vn/api/cumpus'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://discource.xyz/static/js/bundle.js(Line 55150)
Message:
Mixed Content: The page at 'https://discource.xyz/login' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://hbgreen.com.vn/api/smester'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://discource.xyz/static/js/bundle.js(Line 182608)
Message:
WebSocket connection to 'wss://discource.xyz:3000/ws' failed: Error in connection establishment: net::ERR_SSL_PROTOCOL_ERROR
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://discource.xyz/static/js/bundle.js(Line 182608)
Message:
WebSocket connection to 'wss://discource.xyz:3000/ws' failed: Error in connection establishment: net::ERR_SSL_PROTOCOL_ERROR