Yes, Brave’s Safe Browsing and Firefox’s Phishing and Malware protection both make use of Google’s safe browsing service. But they don’t simply send the sites you visit to Google, they mostly rely on local lists of sites that are regularly updated. Both have help pages that explain how they work in far more detail.
Almost all malware has to be downloaded and installed by you in order to do anything harmful.
Almost all websites that steal information do so by convincing you to input sensitive information.
While it’s rare in comparison and I know far less about how it works.
A more sophisticated maliciously crafted website can attack the browser itself and the information it stores. The goal is usually obtaining sessions cookies for websites you’re currently logged in for in hopes that one of them is something like an email account or a bank. The best defense is logging out of services as soon as you’re done and using settings that delete browsing history when you close the browser.
This is also a good reason having multiple browsers can be a good idea.
If a link is registered to Discords what happend would depend on how well discord handles the problem. But similar rules should apply.
HTTP just means that you’re connection to the website is unencrypted and visible to everyone on the same network willing to take a peek.
Depending on what you’re connecting to this may or may not present an actual risk.
But given how ubiquitious HTTPS has become it can also be a red flag that you might be connecting to a fake version of the website, especially if connections in the past were HTTPS encrypted.