main.d29bcvepc438ha.amplifyapp.com Open in urlscan Pro
143.204.202.8  Malicious Activity! Public Scan

Submitted URL: http://main.d29bcvepc438ha.amplifyapp.com/
Effective URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Submission: On May 03 via api from US

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 31 HTTP transactions. The main IP is 143.204.202.8, located in United States and belongs to AMAZON-02, US. The main domain is main.d29bcvepc438ha.amplifyapp.com.
TLS certificate: Issued by Amazon on May 2nd 2021. Valid for: a year.
This is the only time main.d29bcvepc438ha.amplifyapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discover (Financial)

Domain & IP information

IP Address AS Autonomous System
1 3 143.204.202.8 16509 (AMAZON-02)
1 30 23.45.111.141 16625 (AKAMAI-AS)
31 2
Apex Domain
Subdomains
Transfer
30 discovercard.com
www.discovercard.com
discovercard.com
96 KB
3 amplifyapp.com
main.d29bcvepc438ha.amplifyapp.com
8 KB
31 2
Domain Requested by
29 www.discovercard.com main.d29bcvepc438ha.amplifyapp.com
www.discovercard.com
3 main.d29bcvepc438ha.amplifyapp.com 1 redirects
1 discovercard.com 1 redirects
31 3
Subject Issuer Validity Valid
*.d29bcvepc438ha.amplifyapp.com
Amazon
2021-05-02 -
2022-05-31
a year crt.sh
www.discover.com
DigiCert SHA2 Extended Validation Server CA
2021-04-21 -
2021-11-02
6 months crt.sh

This page contains 1 frames:

Primary Page: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Frame ID: 4853B3EBF1C8F4AD4F93E3F721D52F6D
Requests: 31 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://main.d29bcvepc438ha.amplifyapp.com/ HTTP 301
    https://main.d29bcvepc438ha.amplifyapp.com/ Page URL
  2. https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

31
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

103 kB
Transfer

349 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://main.d29bcvepc438ha.amplifyapp.com/ HTTP 301
    https://main.d29bcvepc438ha.amplifyapp.com/ Page URL
  2. https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://main.d29bcvepc438ha.amplifyapp.com/ HTTP 301
  • https://main.d29bcvepc438ha.amplifyapp.com/
Request Chain 13
  • https://discovercard.com/images/zag.gif?log=1&cb=1313873073670&dt=Step%201:%20Enter%20Account%20information&dd=www.discovercard.com&dl=/ACREG/EnterAccountInformation HTTP 301
  • https://www.discovercard.com/images/zag.gif?log=1&cb=1313873073670&dt=Step%201:%20Enter%20Account%20information&dd=www.discovercard.com&dl=/ACREG/EnterAccountInformation

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
main.d29bcvepc438ha.amplifyapp.com/
Redirect Chain
  • http://main.d29bcvepc438ha.amplifyapp.com/
  • https://main.d29bcvepc438ha.amplifyapp.com/
122 B
495 B
Document
General
Full URL
https://main.d29bcvepc438ha.amplifyapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-8.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d80f83457c8eed4f3bd21931b816dae8f812cfac1d43686bd473a8d94496492

Request headers

:method
GET
:authority
main.d29bcvepc438ha.amplifyapp.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html
content-length
122
date
Mon, 03 May 2021 02:22:16 GMT
last-modified
Sun, 02 May 2021 22:27:33 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
cache-control
no-cache, s-maxage=2
etag
"0033c863d5fc48a111ee3d2c3bacbfbd"
x-cache
Miss from cloudfront
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
eCOQfJVhJFtGmKQ3yX8xBWlW2F4N2fjfE11YuSpp3VJPMFNKyN5YXg==

Redirect headers

Server
CloudFront
Date
Mon, 03 May 2021 02:22:15 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://main.d29bcvepc438ha.amplifyapp.com/
X-Cache
Redirect from cloudfront
Via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
EOuTIXPJOM7_bHB9K3MXNTJNt1GJTCg6amz8pyOECEHaBOun7cMAtQ==
Primary Request disc.htm
main.d29bcvepc438ha.amplifyapp.com/
26 KB
7 KB
Document
General
Full URL
https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-8.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10b923f99cbf6bbfa2cc52724e7381d2489edd3b27774fe818dbb56549794152

Request headers

:method
GET
:authority
main.d29bcvepc438ha.amplifyapp.com
:scheme
https
:path
/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://main.d29bcvepc438ha.amplifyapp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://main.d29bcvepc438ha.amplifyapp.com/

Response headers

content-type
text/html
date
Mon, 03 May 2021 02:22:16 GMT
last-modified
Sun, 02 May 2021 22:27:33 GMT
x-amz-server-side-encryption
AES256
server
AmazonS3
cache-control
no-cache, s-maxage=2
content-encoding
gzip
etag
W/"05e2a29e09d55c8a5dd9bee7cf3d2be1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
-c_VlIKvr1gE9tgQLtwuWaL0n4VpW9aPcJgq7n8urbukf0WbOQuZng==
ac-global.css
www.discovercard.com/css/optimized/
55 KB
9 KB
Stylesheet
General
Full URL
https://www.discovercard.com/css/optimized/ac-global.css
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
758c57f269285817fd4b511e80f96bd4373a9950f8eccdf3ad26f514d6c23a2c
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 Apr 2020 06:10:30 GMT
date
Mon, 03 May 2021 02:22:15 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
9227
x-xss-protection
1; mode=block
register-screen.css
www.discovercard.com/css/optimized/register/
18 KB
3 KB
Stylesheet
General
Full URL
https://www.discovercard.com/css/optimized/register/register-screen.css
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e2dfd7a991f941d8e73b39c2c5047e1b2ee516611f8c78fbcb46602edd8df8a0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:56:52 GMT
date
Mon, 03 May 2021 02:22:15 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
2850
x-xss-protection
1; mode=block
register.css
www.discovercard.com/css/optimized/register/
97 KB
15 KB
Stylesheet
General
Full URL
https://www.discovercard.com/css/optimized/register/register.css
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
915329a4d2948ce43c08642bfc2baf64d84475671f9ad349224aae9b6aa23960
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:07:49 GMT
date
Mon, 03 May 2021 02:22:15 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
14666
x-xss-protection
1; mode=block
cookieFuncs.js
www.discovercard.com/discover/jscripts/
848 B
665 B
Script
General
Full URL
https://www.discovercard.com/discover/jscripts/cookieFuncs.js
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3b1a5f2388877589e8e80288f5dc1e33f8d98d5e5ccc04c88dce842483e39329
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 May 2008 04:00:00 GMT
date
Mon, 03 May 2021 02:22:15 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
335
x-xss-protection
1; mode=block
workflowStateCheck.js
www.discovercard.com/discover/jscripts/
4 KB
1 KB
Script
General
Full URL
https://www.discovercard.com/discover/jscripts/workflowStateCheck.js
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1ca5fd19bb936047eab110bae16652e895825c0e031318564fa5dcfd7366aac
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 May 2008 04:00:00 GMT
date
Mon, 03 May 2021 02:22:15 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
973
x-xss-protection
1; mode=block
logo-discover-financial-services.gif
www.discovercard.com/registration/images/
2 KB
3 KB
Image
General
Full URL
https://www.discovercard.com/registration/images/logo-discover-financial-services.gif
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
40da5d11bdfffe97bd52a7c20a03fdebafa7a0a0756fe65f4859298e4ba54370
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 19:07:17 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
2395
x-xss-protection
1; mode=block
btn-search-gray-off.gif
www.discovercard.com/search/images/
907 B
1 KB
Image
General
Full URL
https://www.discovercard.com/search/images/btn-search-gray-off.gif
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23463987921a39610e206599214b319a6fe88e106e695fecdcf6556603bb0b7d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Wed, 20 Oct 2010 04:58:50 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
907
x-xss-protection
1; mode=block
registration-top.js
www.discovercard.com/scripts/optimized/
477 B
565 B
Script
General
Full URL
https://www.discovercard.com/scripts/optimized/registration-top.js
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bdd23e681d1c98334f4553566bb817a7e400775631a4136c882b4a1a6954f967
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 13 Dec 2019 08:37:52 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
235
x-xss-protection
1; mode=block
reg_email_rebuttalPop.js
www.discovercard.com/discover/jscripts/
636 B
756 B
Script
General
Full URL
https://www.discovercard.com/discover/jscripts/reg_email_rebuttalPop.js
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
03653e787e06a67a09f4838c8d2fb226f61e727c9f63357e996f54e7e2c2162f
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:57:04 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
426
x-xss-protection
1; mode=block
icon-lock.gif
www.discovercard.com/images/
72 B
372 B
Image
General
Full URL
https://www.discovercard.com/images/icon-lock.gif
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
180fabdab945223febb42a698e458f019cbd321ea79fd886b00523d9f7a17222
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 19:07:00 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
72
x-xss-protection
1; mode=block
continue.gif
www.discovercard.com/registration/images/
1 KB
2 KB
Image
General
Full URL
https://www.discovercard.com/registration/images/continue.gif
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d4bbb73d91deb57f53f0c381fcefe532c5678e40d455f09f4b294a596303490
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:08:52 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1515
x-xss-protection
1; mode=block
bg-710-bottom.gif
www.discovercard.com/registration/images/
309 B
610 B
Image
General
Full URL
https://www.discovercard.com/registration/images/bg-710-bottom.gif
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9f37214d48727c8421fad7ecefacc4d0e97a1babde46d88130fe96ed188cce88
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:08:51 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
309
x-xss-protection
1; mode=block
zag.gif
www.discovercard.com/images/
Redirect Chain
  • https://discovercard.com/images/zag.gif?log=1&cb=1313873073670&dt=Step%201:%20Enter%20Account%20information&dd=www.discovercard.com&dl=/ACREG/EnterAccountInformation
  • https://www.discovercard.com/images/zag.gif?log=1&cb=1313873073670&dt=Step%201:%20Enter%20Account%20information&dd=www.discovercard.com&dl=/ACREG/EnterAccountInformation
35 B
374 B
Image
General
Full URL
https://www.discovercard.com/images/zag.gif?log=1&cb=1313873073670&dt=Step%201:%20Enter%20Account%20information&dd=www.discovercard.com&dl=/ACREG/EnterAccountInformation
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c7eb5d6fcc73fe8b4e8d94cfbc2da435c0832d8c17aa5d1ee3345829c09902f8
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:08:36 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
35
x-xss-protection
1; mode=block

Redirect headers

location
https://www.discovercard.com/images/zag.gif?log=1&cb=1313873073670&dt=Step%201:%20Enter%20Account%20information&dd=www.discovercard.com&dl=/ACREG/EnterAccountInformation
date
Mon, 03 May 2021 02:22:16 GMT
server
AkamaiGHost
content-length
0
ac-global-bottom.js
www.discovercard.com/scripts/optimized/
3 KB
1 KB
Script
General
Full URL
https://www.discovercard.com/scripts/optimized/ac-global-bottom.js
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d22a2fe16f2d1c58c665bc806ee396971998268642ff033fd92329bceb84f59
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:57:16 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
964
x-xss-protection
1; mode=block
registration-bottom.js
www.discovercard.com/scripts/optimized/
85 KB
26 KB
Script
General
Full URL
https://www.discovercard.com/scripts/optimized/registration-bottom.js
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
411ea7c6a1f77ef51aa37db924de0ddcd889db7890181d483a284d4630ae6123
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:57:16 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
26388
x-xss-protection
1; mode=block
vendor-ac-global-bottom.js
www.discovercard.com/scripts/optimized/
37 KB
11 KB
Script
General
Full URL
https://www.discovercard.com/scripts/optimized/vendor-ac-global-bottom.js
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b60e67a8aed1b38a2dff1265bccaf694328a370db530bd6e41859f797bb36a91
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:08:53 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
10939
x-xss-protection
1; mode=block
monitorFields.js
www.discovercard.com/registration/scripts/
605 B
635 B
Script
General
Full URL
https://www.discovercard.com/registration/scripts/monitorFields.js
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e0b5b634796b0b668424ddac7547e0771f7aa39b369f151e362103dcd901121b
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 19:07:17 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
305
x-xss-protection
1; mode=block
step-one.js
www.discovercard.com/registration/scripts/
413 B
521 B
Script
General
Full URL
https://www.discovercard.com/registration/scripts/step-one.js
Requested by
Host: main.d29bcvepc438ha.amplifyapp.com
URL: https://main.d29bcvepc438ha.amplifyapp.com/disc.htm?discover.com/credit-cards/student/?ICMPGN=PUB_HNAV_CARDS_STUD_IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
31df64304deaa8a0f75b517135da51cbc0b59dc87e2104c14694b60f14163d6d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://main.d29bcvepc438ha.amplifyapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 17:56:33 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
192
x-xss-protection
1; mode=block
common_sprite.png
www.discovercard.com/images/optimized/
3 KB
4 KB
Image
General
Full URL
https://www.discovercard.com/images/optimized/common_sprite.png
Requested by
Host: www.discovercard.com
URL: https://www.discovercard.com/css/optimized/register/register.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f9ccb60721a9a7ce2b8db78aad1fde80fc5a173352988a5651c75c95a845a1b9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.discovercard.com/css/optimized/register/register.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:08:37 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
3465
x-xss-protection
1; mode=block
common_sprite1.png
www.discovercard.com/images/optimized/
602 B
882 B
Image
General
Full URL
https://www.discovercard.com/images/optimized/common_sprite1.png
Requested by
Host: www.discovercard.com
URL: https://www.discovercard.com/css/optimized/register/register.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77813f7de286dd499b814dcf7fa8522ec5e0f06e75bf0b44dc4d77f4784ad008
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.discovercard.com/css/optimized/register/register.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:57:11 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
602
x-xss-protection
1; mode=block
vertical_bg_sprite.png
www.discovercard.com/images/optimized/register/
196 B
477 B
Image
General
Full URL
https://www.discovercard.com/images/optimized/register/vertical_bg_sprite.png
Requested by
Host: www.discovercard.com
URL: https://www.discovercard.com/css/optimized/register/register.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
18bc484b5793d2f01ff00d0805fc32f7e0e7e34f8aeca66bae2d08fa0a9a980a
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.discovercard.com/css/optimized/register/register.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:57:11 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
196
x-xss-protection
1; mode=block
register_sprite.png
www.discovercard.com/images/optimized/register/
2 KB
2 KB
Image
General
Full URL
https://www.discovercard.com/images/optimized/register/register_sprite.png
Requested by
Host: www.discovercard.com
URL: https://www.discovercard.com/css/optimized/register/register.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a5da110de3799c0bd09505f7814a5a0a05ec81c9db6a72bf9d3a07b500b47918
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.discovercard.com/css/optimized/register/register.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:08:38 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1555
x-xss-protection
1; mode=block
icon-question-popup-gray.gif
www.discovercard.com/customer-service/images/
147 B
448 B
Image
General
Full URL
https://www.discovercard.com/customer-service/images/icon-question-popup-gray.gif
Requested by
Host: www.discovercard.com
URL: https://www.discovercard.com/css/optimized/register/register.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9338be77b0bb0f06e446925ecc0d36d2a9e83a29f024e00023060db99c951bff
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.discovercard.com/css/optimized/register/register.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Thu, 29 May 2008 04:00:00 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
147
x-xss-protection
1; mode=block
top-bottom.png
www.discovercard.com/images/optimized/register/
891 B
1 KB
Image
General
Full URL
https://www.discovercard.com/images/optimized/register/top-bottom.png
Requested by
Host: www.discovercard.com
URL: https://www.discovercard.com/css/optimized/register/register.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7bdc4027810366a120514b83948e373819631ff149c9f39c2e9109f92f1c645d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.discovercard.com/css/optimized/register/register.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 19:07:01 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
891
x-xss-protection
1; mode=block
logo-it-pays-to-discover.png
www.discovercard.com/images/
5 KB
5 KB
Image
General
Full URL
https://www.discovercard.com/images/logo-it-pays-to-discover.png
Requested by
Host: www.discovercard.com
URL: https://www.discovercard.com/css/optimized/ac-global.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b6bf543ad3b1547b54b9608d058aef4fd0412745d2517079a94da339900d8ea0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.discovercard.com/css/optimized/ac-global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:08:36 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
5035
x-xss-protection
1; mode=block
bg-footer-btm.png
www.discovercard.com/images/
806 B
1 KB
Image
General
Full URL
https://www.discovercard.com/images/bg-footer-btm.png
Requested by
Host: www.discovercard.com
URL: https://www.discovercard.com/css/optimized/ac-global.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88c115e368b88caf347417c33f4fbe321450fa8f1f667f0d933b937568a6cb4b
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.discovercard.com/css/optimized/ac-global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 19:06:59 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
806
x-xss-protection
1; mode=block
oo_tab.png
www.discovercard.com/images/onlineopinionV5/
2 KB
2 KB
Image
General
Full URL
https://www.discovercard.com/images/onlineopinionV5/oo_tab.png
Requested by
Host: www.discovercard.com
URL: https://www.discovercard.com/css/optimized/ac-global.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dda4eb297a345e8fca82cefe9e02c56f378dea3b11524b193fe5377ef70651c9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.discovercard.com/css/optimized/ac-global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:08:37 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1740
x-xss-protection
1; mode=block
oo_tab_icon.gif
www.discovercard.com/images/onlineopinionV5/
2 KB
2 KB
Image
General
Full URL
https://www.discovercard.com/images/onlineopinionV5/oo_tab_icon.gif
Requested by
Host: www.discovercard.com
URL: https://www.discovercard.com/css/optimized/ac-global.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f547776efdf32d7ad1f356a3aa3d988ed02dce143acbf031eaf14ce8c5accda
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.discovercard.com/css/optimized/ac-global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 19:07:01 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
cache-control
public, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1655
x-xss-protection
1; mode=block
search-results-right.png
www.discovercard.com/search/images/
97 B
377 B
Image
General
Full URL
https://www.discovercard.com/search/images/search-results-right.png
Requested by
Host: www.discovercard.com
URL: https://www.discovercard.com/css/optimized/register/register-screen.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.111.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fdfb0669dd55ab1779520846e4e772b3d665fac84b63c8cc3c7f34d29460054b
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.discovercard.com/css/optimized/register/register-screen.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2017 18:08:54 GMT
date
Mon, 03 May 2021 02:22:16 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
97
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discover (Financial)

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| cookieValue function| checkWorkflowState function| getCookieValue string| dfsedskey function| showPopup undefined| focusControl undefined| element object| winUrl object| childWindow function| showWin function| showBrowserWin function| faqWin function| showTip1 function| showTip function| showTip_PaymentProtection function| openTipWindow function| addLoadEvent function| findPos function| clearSearch function| initNavDropdown function| getElementsByClassName function| faqInit function| toggleFAQ function| expandAllFAQ function| collapseAllFAQ function| switchExpandCollapse object| mcd object| sfgfdga object| sfgfdgb number| sfgfdgw function| sfgfdge function| sfgfdgr object| discover function| jQuery function| $ object| OOo function| receiveMessage object| today number| year0 object| navRoot object| node

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

discovercard.com
main.d29bcvepc438ha.amplifyapp.com
www.discovercard.com
143.204.202.8
23.45.111.141
03653e787e06a67a09f4838c8d2fb226f61e727c9f63357e996f54e7e2c2162f
10b923f99cbf6bbfa2cc52724e7381d2489edd3b27774fe818dbb56549794152
180fabdab945223febb42a698e458f019cbd321ea79fd886b00523d9f7a17222
18bc484b5793d2f01ff00d0805fc32f7e0e7e34f8aeca66bae2d08fa0a9a980a
23463987921a39610e206599214b319a6fe88e106e695fecdcf6556603bb0b7d
31df64304deaa8a0f75b517135da51cbc0b59dc87e2104c14694b60f14163d6d
3b1a5f2388877589e8e80288f5dc1e33f8d98d5e5ccc04c88dce842483e39329
40da5d11bdfffe97bd52a7c20a03fdebafa7a0a0756fe65f4859298e4ba54370
411ea7c6a1f77ef51aa37db924de0ddcd889db7890181d483a284d4630ae6123
5d22a2fe16f2d1c58c665bc806ee396971998268642ff033fd92329bceb84f59
5d4bbb73d91deb57f53f0c381fcefe532c5678e40d455f09f4b294a596303490
758c57f269285817fd4b511e80f96bd4373a9950f8eccdf3ad26f514d6c23a2c
77813f7de286dd499b814dcf7fa8522ec5e0f06e75bf0b44dc4d77f4784ad008
7bdc4027810366a120514b83948e373819631ff149c9f39c2e9109f92f1c645d
88c115e368b88caf347417c33f4fbe321450fa8f1f667f0d933b937568a6cb4b
8f547776efdf32d7ad1f356a3aa3d988ed02dce143acbf031eaf14ce8c5accda
915329a4d2948ce43c08642bfc2baf64d84475671f9ad349224aae9b6aa23960
9338be77b0bb0f06e446925ecc0d36d2a9e83a29f024e00023060db99c951bff
9d80f83457c8eed4f3bd21931b816dae8f812cfac1d43686bd473a8d94496492
9f37214d48727c8421fad7ecefacc4d0e97a1babde46d88130fe96ed188cce88
a1ca5fd19bb936047eab110bae16652e895825c0e031318564fa5dcfd7366aac
a5da110de3799c0bd09505f7814a5a0a05ec81c9db6a72bf9d3a07b500b47918
b60e67a8aed1b38a2dff1265bccaf694328a370db530bd6e41859f797bb36a91
b6bf543ad3b1547b54b9608d058aef4fd0412745d2517079a94da339900d8ea0
bdd23e681d1c98334f4553566bb817a7e400775631a4136c882b4a1a6954f967
c7eb5d6fcc73fe8b4e8d94cfbc2da435c0832d8c17aa5d1ee3345829c09902f8
dda4eb297a345e8fca82cefe9e02c56f378dea3b11524b193fe5377ef70651c9
e0b5b634796b0b668424ddac7547e0771f7aa39b369f151e362103dcd901121b
e2dfd7a991f941d8e73b39c2c5047e1b2ee516611f8c78fbcb46602edd8df8a0
f9ccb60721a9a7ce2b8db78aad1fde80fc5a173352988a5651c75c95a845a1b9
fdfb0669dd55ab1779520846e4e772b3d665fac84b63c8cc3c7f34d29460054b