FAQ

Ends Town Hall is a community and security platform for Discord. It includes an enterprise-grade browser fingerprint scanner that collects 650+ signals across 28 categories to detect VPNs, bots, alt accounts, and ban evaders. It's built to protect Discord servers from raids and malicious users.

You can sign up with email or use Discord OAuth. Email signups require a 6-digit verification code sent to your email. Discord signups import your username and avatar automatically. See our How to Use page for a full walkthrough.

Yes. The Demo Page lets anyone run a full scan — no signup required. You'll see all 28 signal categories, your signal count, and the IPQualityScore threat analysis.

Yes. The Free plan includes 1 Discord server, ~280 signals across 15 categories, VPN/Proxy/Tor detection, alt account detection, and up to 100 verifications per month. Upgrade to Pro (~470 signals, 22 categories) or Enterprise (650+ signals, all 28 categories) for deeper detection. No credit card required. See full plan details on our Pricing page.

The scanner collects over 650 data points from your browser across 28 categories: Navigator, Screen, WebGL (GPU), Canvas, Audio, Fonts, Codecs, Storage, Battery, Network, Permissions, Math, Features, Touch, CPU, WebGPU, WebRTC, CSS, CSS Support, Media, Sensors, Speech, Intl, Text Metrics, Crypto Performance, Event Loop, WASM Performance, and Timing. These combine into a unique fingerprint hash. The exact count varies by browser — Chrome shows ~458, Firefox ~426.

IPQualityScore (IPQS) is a server-side threat intelligence API that analyzes your IP address. It detects VPNs, proxies, Tor nodes, and provides a fraud score from 0-100. It adds approximately 20 server signals on top of client-side signals (up to 650+ on Enterprise). IPQS runs on all plans including Free.

VPN detection uses IPQualityScore's server-side IP analysis, which checks against known VPN/proxy/datacenter IP ranges, plus client-side WebRTC leak detection that can expose real IPs behind VPNs. VPN detection via IPQualityScore runs on all plans including Free. Pro and Enterprise add full WebRTC IP exposure for deeper leak detection.

Yes. The scanner checks for inconsistencies that anti-detect browsers create — like mismatches between reported GPU and actual WebGL rendering, navigator overrides, suspicious feature combinations, and automation tool signatures (Selenium, Puppeteer, Playwright). Anti-detect browser detection is available on the Enterprise plan.

We collect browser fingerprint signals (Canvas, WebGL, Audio, Fonts, Screen, and 23 more categories), IP addresses, and device/browser information. This data is used solely for verification and threat detection. We do not sell your data. See our Privacy Policy for full details.

We primarily use localStorage (not cookies) to store your login session token. We do not use advertising or tracking cookies. Discord OAuth and Cloudflare may set their own cookies during their respective flows. See our Cookie & Storage Policy for a complete breakdown.

Yes. Passwords are hashed with bcrypt before storage — we never store or see your plaintext password. Login is rate-limited to 5 attempts per 15 minutes, with account lockout notifications sent by email. You can also enable Two-Factor Authentication (2FA) for an extra layer of security.

When enabled, every login (email/password or Discord) requires a 6-digit verification code sent to your email. You can enable or disable 2FA from Account Settings. We recommend enabling it.

When a user verifies, their device fingerprint is stored. If a banned user creates a new account and tries to verify using the same device, the bot matches the fingerprints and blocks the verification automatically. Your mod team gets an alert with the original banned user's details.

Every verification is scored 0-100 based on multiple signals: account age (under 7 days = blocked at verify button), verification velocity (too many from the same IP), impossible travel detection (same device in different countries too fast), browser language vs IP country mismatch, VPN/proxy detection, and bot/automation detection. Scores above 50 trigger staff alerts.

Yes. Members can DM the bot to open support tickets. Each ticket creates a private channel for staff with features like typing indicators, read receipts, queue position, priority levels, canned responses, user notes, and post-close feedback. Run ?setupmodmail to set it up.

Yes. The bot scans messages for malicious links using three databases: IPQualityScore, Google Safe Browsing, and PhishTank. It detects typosquatting (like disc0rd.com), known phishing URLs, social engineering patterns, and suspicious file attachments.

Yes. The bot has a built-in appeals system. Banned users can submit appeals, and staff receive approve/deny buttons directly in Discord. Appeal history is tracked per user.

Three plans: Free ($0/month — 1 server, ~280 signals, 100 verifications/month, masked WebRTC IPs), Pro ($15/month — 5 servers, full WebRTC IP exposure, trackable links, live activity, unlimited verifications), and Enterprise ($49/month — 10 servers, API access, staff analytics, unlimited verifications). Free gets ~280 signals (15 categories), Pro gets ~470 (22 categories), and Enterprise gets 650+ (all 28 categories). See the Pricing page for full details.

Yes. You can cancel your subscription at any time. Your plan features remain active until the end of your current billing period, then your account reverts to the Free plan.

Yes. We offer a 7-day refund window on new subscriptions — no questions asked. After that, refunds are handled case-by-case. See our full Refund Policy for details.

Yes. You can connect Discord from the Dashboard or Account Settings. Connecting Discord will import your Discord username and avatar.

Go to Account Settings → Security tab. You'll see a "Set Password" option. Click "Send Verification Code", enter the code from your email, then create your password.

Yes. Go to Account Settings → Security tab → Change Email. A verification code is sent to your current email for security. Enter the code to confirm the change.

Yes. Go to Account Settings → Account tab → Delete Account. This permanently deletes your account and all associated data. This action cannot be undone.