brcommunity.staged-by-discourse.com
2602:fd3f:1:ff02::4b  Public Scan

URL: https://brcommunity.staged-by-discourse.com/
Submission Tags: phishingrod
Submission: On September 27 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2602:fd3f:1:ff02::4b, located in and belongs to CDCK, US. The main domain is brcommunity.staged-by-discourse.com.
TLS certificate: Issued by R3 on September 27th 2023. Valid for: 3 months.
This is the only time brcommunity.staged-by-discourse.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 2602:fd3f:1:f... | 394230 (CDCK)
5 | 2600:9000:205... | 16509 (AMAZON-02)
Total: 6 requests, 2 IPs

Requests | Apex Domain (Subdomains) | Transfer
5 | discourse-cdn.com (dub2.discourse-cdn.com — Cisco Umbrella Rank: 401273) | 344 KB
1 | staged-by-discourse.com (brcommunity.staged-by-discourse.com) | 3 KB
Total: 6 requests, 2 apex domains

Requests | Domain | Requested by
5 | dub2.discourse-cdn.com | brcommunity.staged-by-discourse.com, dub2.discourse-cdn.com
1 | brcommunity.staged-by-discourse.com |
Total: 6 requests, 2 domains

This site contains no links.

Subject | Issuer | Validity | Valid
brcommunity.staged-by-discourse.com | R3 | 2023-09-27 - 2023-12-26 | 3 months
dub2.discourse-cdn.com | Amazon RSA 2048 M01 | 2023-02-08 - 2024-03-09 | a year

This page contains 1 frame:

Primary Page: https://brcommunity.staged-by-discourse.com/
Frame ID: 0F51F55C4D414BF3950056F07FCE3938
Requests: 6 HTTP requests in this frame

Page Title

Discourse Setup

Page Statistics

6 Requests
100 % HTTPS
100 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
347 kB Transfer
367 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
brcommunity.staged-by-discourse.com/
3 KB
3 KB
Document
General
Full URL
https://brcommunity.staged-by-discourse.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2602:fd3f:1:ff02::4b, ASN394230 (CDCK, US)
Reverse DNS
Software
nginx
Resource Hash
5560243d9d8819ea06859eabf75e7cc11da9ebfe21159cde7e1d51d0e68362a1
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src https://brcommunity.staged-by-discourse.com/logs/ https://brcommunity.staged-by-discourse.com/sidekiq/ https://brcommunity.staged-by-discourse.com/mini-profiler-resources/ https://europe1.discourse-cdn.com/brcommunitystaging/assets/ https://europe1.discourse-cdn.com/brcommunitystaging/brotli_asset/ https://brcommunity.staged-by-discourse.com/extra-locales/ https://dub2.discourse-cdn.com/brcommunitystaging/highlight-js/ https://dub2.discourse-cdn.com/brcommunitystaging/javascripts/ https://dub2.discourse-cdn.com/brcommunitystaging/plugins/ https://dub2.discourse-cdn.com/brcommunitystaging/theme-javascripts/ https://dub2.discourse-cdn.com/brcommunitystaging/svg-sprite/ 'sha256-8uAKDaK4QxxCeYZl0Wxad2Nnj2tgKyA14hYBh66pnn0=' https://brcommunity.staged-by-discourse.com/plugins/discourse-client-performance/javascripts/discourse-client-performance.js; worker-src 'self' https://europe1.discourse-cdn.com/brcommunitystaging/assets/ https://europe1.discourse-cdn.com/brcommunitystaging/brotli_asset/ https://dub2.discourse-cdn.com/brcommunitystaging/javascripts/ https://dub2.discourse-cdn.com/brcommunitystaging/plugins/; frame-ancestors 'self'; manifest-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
cdck-proxy-id
app-router-tiehunter01.dub2 app-balancer-tieinterceptor1b.dub2
content-encoding
gzip
content-security-policy
base-uri 'self'; object-src 'none'; script-src https://brcommunity.staged-by-discourse.com/logs/ https://brcommunity.staged-by-discourse.com/sidekiq/ https://brcommunity.staged-by-discourse.com/mini-profiler-resources/ https://europe1.discourse-cdn.com/brcommunitystaging/assets/ https://europe1.discourse-cdn.com/brcommunitystaging/brotli_asset/ https://brcommunity.staged-by-discourse.com/extra-locales/ https://dub2.discourse-cdn.com/brcommunitystaging/highlight-js/ https://dub2.discourse-cdn.com/brcommunitystaging/javascripts/ https://dub2.discourse-cdn.com/brcommunitystaging/plugins/ https://dub2.discourse-cdn.com/brcommunitystaging/theme-javascripts/ https://dub2.discourse-cdn.com/brcommunitystaging/svg-sprite/ 'sha256-8uAKDaK4QxxCeYZl0Wxad2Nnj2tgKyA14hYBh66pnn0=' https://brcommunity.staged-by-discourse.com/plugins/discourse-client-performance/javascripts/discourse-client-performance.js; worker-src 'self' https://europe1.discourse-cdn.com/brcommunitystaging/assets/ https://europe1.discourse-cdn.com/brcommunitystaging/brotli_asset/ https://dub2.discourse-cdn.com/brcommunitystaging/javascripts/ https://dub2.discourse-cdn.com/brcommunitystaging/plugins/; frame-ancestors 'self'; manifest-src 'self'
content-type
text/html; charset=utf-8
date
Wed, 27 Sep 2023 21:50:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding Accept
x-content-type-options
nosniff
x-discourse-route
finish_installation/index
x-discourse-trackview
1
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
1e09d838-091b-4864-a424-7e04971f2cb1
x-xss-protection
0
wizard_e4a4119171dae0eeb9a78d30c4a3425fd5b8ad94.css
dub2.discourse-cdn.com/brcommunitystaging/stylesheets/
23 KB
5 KB
Stylesheet
General
Full URL
https://dub2.discourse-cdn.com/brcommunitystaging/stylesheets/wizard_e4a4119171dae0eeb9a78d30c4a3425fd5b8ad94.css?__ws=brcommunity.staged-by-discourse.com
Requested by
Host: brcommunity.staged-by-discourse.com
URL: https://brcommunity.staged-by-discourse.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2057:8000:3:1bc2:bfc0:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
nginx
Resource Hash
62849d553c3ac490b03d7fd578bebea1b852615b4c1da317ac0cfa6622779792
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://brcommunity.staged-by-discourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 21:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-discourse-route
stylesheets/show
content-transfer-encoding
binary
content-disposition
inline; filename="wizard_e4a4119171dae0eeb9a78d30c4a3425fd5b8ad94.css"; filename*=UTF-8''wizard_e4a4119171dae0eeb9a78d30c4a3425fd5b8ad94.css
x-cdck-cacheable
True
x-xss-protection
0
x-request-id
b2bd12a3-1b8a-47f6-8220-c96a0ee4410e
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 21:44:45 GMT
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31556952, public, immutable
x-amz-cf-id
2Q7Q7UNHo39VRax821RpI-4dI7LfTwnn-6GQFsR5cyF-qlojwVNbNQ==
cdck-proxy-id
app-router-tiehunter02.dub2, app-balancer-tieinterceptor1a.dub2
color_definitions_base__1_11499992d8a9ff6d143bf83dc99ac4d310028764.css
dub2.discourse-cdn.com/brcommunitystaging/stylesheets/
4 KB
2 KB
Stylesheet
General
Full URL
https://dub2.discourse-cdn.com/brcommunitystaging/stylesheets/color_definitions_base__1_11499992d8a9ff6d143bf83dc99ac4d310028764.css?__ws=brcommunity.staged-by-discourse.com
Requested by
Host: brcommunity.staged-by-discourse.com
URL: https://brcommunity.staged-by-discourse.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2057:8000:3:1bc2:bfc0:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
nginx
Resource Hash
d0227b355dc4fa4b18a81d748f6c7cd9fa23c3b99b7383ac143acffde60bf141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://brcommunity.staged-by-discourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 21:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-discourse-route
stylesheets/show
content-transfer-encoding
binary
content-disposition
inline; filename="color_definitions_base__1_11499992d8a9ff6d143bf83dc99ac4d310028764.css"; filename*=UTF-8''color_definitions_base__1_11499992d8a9ff6d143bf83dc99ac4d310028764.css
x-cdck-cacheable
True
x-xss-protection
0
x-request-id
7d6f638e-46c6-42d5-9821-3f226a89f319
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 21:44:50 GMT
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31556952, public, immutable
x-amz-cf-id
TfYbsZYdmX6G8M0v0AkLjrKQHl-gXHlB52NiZQdlSNfYJHqjdEiKhA==
cdck-proxy-id
app-router-tiehunter02.dub2, app-balancer-tieinterceptor1a.dub2
color_definitions_dark_1_1_b54b4e1bd5b8e8ee511ccb38e460087305fb1247.css
dub2.discourse-cdn.com/brcommunitystaging/stylesheets/
4 KB
2 KB
Stylesheet
General
Full URL
https://dub2.discourse-cdn.com/brcommunitystaging/stylesheets/color_definitions_dark_1_1_b54b4e1bd5b8e8ee511ccb38e460087305fb1247.css?__ws=brcommunity.staged-by-discourse.com
Requested by
Host: brcommunity.staged-by-discourse.com
URL: https://brcommunity.staged-by-discourse.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2057:8000:3:1bc2:bfc0:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
nginx
Resource Hash
b207660e50b7d210ff1667d7fbb53fb124781e90affcfe9e54a7935705f7794c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://brcommunity.staged-by-discourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 21:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-discourse-route
stylesheets/show
content-transfer-encoding
binary
content-disposition
inline; filename="color_definitions_dark_1_1_b54b4e1bd5b8e8ee511ccb38e460087305fb1247.css"; filename*=UTF-8''color_definitions_dark_1_1_b54b4e1bd5b8e8ee511ccb38e460087305fb1247.css
x-cdck-cacheable
True
x-xss-protection
0
x-request-id
fd81df61-edbd-4fe8-b2a0-4659ea918dc2
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 21:44:49 GMT
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31556952, public, immutable
x-amz-cf-id
yTK5YjZ2AJjk7TGwUTw9R9VDMgPP_OeWWLpOAKZNPDShuFNTym8X6Q==
cdck-proxy-id
app-router-tiehunter02.dub2, app-balancer-tieinterceptor1a.dub2
Roboto-Bold.ttf
dub2.discourse-cdn.com/brcommunitystaging/fonts/
166 KB
167 KB
Font
General
Full URL
https://dub2.discourse-cdn.com/brcommunitystaging/fonts/Roboto-Bold.ttf?v=0.0.9
Requested by
Host: dub2.discourse-cdn.com
URL: https://dub2.discourse-cdn.com/brcommunitystaging/stylesheets/wizard_e4a4119171dae0eeb9a78d30c4a3425fd5b8ad94.css?__ws=brcommunity.staged-by-discourse.com
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2057:8000:3:1bc2:bfc0:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
nginx
Resource Hash
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dub2.discourse-cdn.com/brcommunitystaging/stylesheets/wizard_e4a4119171dae0eeb9a78d30c4a3425fd5b8ad94.css?__ws=brcommunity.staged-by-discourse.com
Origin
https://brcommunity.staged-by-discourse.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 21:50:31 GMT
strict-transport-security
max-age=31536000
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-cdck-cacheable
True
content-length
170348
last-modified
Fri, 25 Aug 2023 18:40:28 GMT
server
nginx
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public,immutable
accept-ranges
bytes
x-amz-cf-id
VBX6gvwq3I5HfHwePhCex0ewOZPL7Mg8tfm99_TTUQxW_tx8kSVntQ==
cdck-proxy-id
app-router-tiehunter01.dub2, app-balancer-tieinterceptor1a.dub2
expires
Thu, 26 Sep 2024 21:50:31 GMT
Roboto-Regular.ttf
dub2.discourse-cdn.com/brcommunitystaging/fonts/
167 KB
168 KB
Font
General
Full URL
https://dub2.discourse-cdn.com/brcommunitystaging/fonts/Roboto-Regular.ttf?v=0.0.9
Requested by
Host: dub2.discourse-cdn.com
URL: https://dub2.discourse-cdn.com/brcommunitystaging/stylesheets/wizard_e4a4119171dae0eeb9a78d30c4a3425fd5b8ad94.css?__ws=brcommunity.staged-by-discourse.com
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2057:8000:3:1bc2:bfc0:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
nginx
Resource Hash
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dub2.discourse-cdn.com/brcommunitystaging/stylesheets/wizard_e4a4119171dae0eeb9a78d30c4a3425fd5b8ad94.css?__ws=brcommunity.staged-by-discourse.com
Origin
https://brcommunity.staged-by-discourse.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 21:50:31 GMT
strict-transport-security
max-age=31536000
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-cdck-cacheable
True
content-length
171272
last-modified
Fri, 25 Aug 2023 18:40:28 GMT
server
nginx
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public,immutable
accept-ranges
bytes
x-amz-cf-id
65UWImQkMm40swKJ3PN6FI1d9n_EV5K8CsfQux8mhd8clc4VgrdKdA==
cdck-proxy-id
app-router-tiehunter01.dub2, app-balancer-tieinterceptor1a.dub2
expires
Thu, 26 Sep 2024 21:50:31 GMT

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies
