Submitted URL: http://links.accounts.wizards.com/ls/click?upn=WbUaYis4IWqCowlKojPhe1fHzvEbLYUMIwvFPNJ1ct2drsgwdrQbrCjHjb2bhFLb8oG1GiEujYBiJY3OoXI...
Effective URL: https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2Fk...
Submission: On April 10 via manual from US

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 104.109.80.237, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is myaccounts.wizards.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 16th 2021. Valid for: 8 months.
This is the only time myaccounts.wizards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.83 11377 (SENDGRID)
7 104.109.80.237 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 95.101.54.193 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
17 6
Domain Requested by
7 myaccounts.wizards.com myaccounts.wizards.com
4 www.google-analytics.com myaccounts.wizards.com, www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
2 api.platform.wizards.com myaccounts.wizards.com
1 fonts.googleapis.com myaccounts.wizards.com
1 links.accounts.wizards.com 1 redirects
17 6
Subject | Issuer | Validity | Valid
tiamat.wizards.com | DigiCert SHA2 Secure Server CA | 2021-03-16 - 2021-11-10 | 8 months
*.google-analytics.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
media.wizards.com | GeoTrust RSA CA 2018 | 2020-10-25 - 2021-11-23 | a year
*.gstatic.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months

This page contains 1 frames:

Primary Page: https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
Frame ID: AEF945594D325E68B3F39348B4842C08
Requests: 22 HTTP requests in this frame

Page URL History

  1. http://links.accounts.wizards.com/ls/click?upn=WbUaYis4IWqCowlKojPhe1fHzvEbLYUMIwvFPNJ1ct2drsgwdrQbrCjHjb2bhFL... HTTP 302
    https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 728 kB
Size: 2110 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.accounts.wizards.com/ls/click?upn=WbUaYis4IWqCowlKojPhe1fHzvEbLYUMIwvFPNJ1ct2drsgwdrQbrCjHjb2bhFLb8oG1GiEujYBiJY3OoXIdcqo9zAal4PPX9lz2Bio2QeoOQaupy-2BoyXWE1zEB6sY2awYPQkdT8cLcld3xdMyNi8xbEmR0WTtVtnFA9C-2FJuW5kQiahYeL8muGElbwknrwvGuhCt_HOqWCOJnQZFPyL97xxmSf0yE2Kj3fEwpptciFfGYthN1c7VcE6TNrtSqKIeAwfGYReUe3fYFhbrQnhBsP-2FjO4TRQhmUVFqf34gxwa1ghLiSRVj9u0NrmcpikTHJphR9MWmBi3nt7nLe0fsv1SPJFrx9F1pCR-2FQf4zoSwWrKW617vTv-2BF9i9wpq7J0c1TtXkBeyOOVhHpwLTmRcIm-2BY-2BXXY5FUCaeNx8r1R7g8NCiErsQ0zqBlghq0MutqNKiowHUsrHHV6qPgAfEKPfZ0qdlAzf4WbDllPlHH0ZLN4DzVLoYyWGyPDhbrZlr2yCrlKAszqpF4N8XPGWChhgVA0tIYJmkOBAkqktYylIcKBVhBIlqz2P3To8aPADWQ0dxN8DRdDpjn8K8ki-2FUCI3ZNdKMRloFX-2BtaxEn-2F0xX-2Fs88VP3KZVrAVYzkaOqFiWWMHMfGI32K7Jq02-2FNR6qdZ612My5NXwrEqzn4bF-2BrtSff1Jh4gnEThlITSP00EhNFgIPMAyOcOqNIzRNhuCTczmXChlFlKtDseRJGoiRjpqtAZEhlOmIQvztBFqZorV8SUW6boX6DASZlXiLti3wn2rTQoaL9RRsYzGnc1tvPxdFTuuQKPTtudqXJhVW5NdG-2BwadlFBV-2BGA3esRHhZ7skC2CtfYeb3jO-2FBwRds2KP3zMHADLac-3D HTTP 302
    https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request verify
myaccounts.wizards.com/
Redirect Chain
  • http://links.accounts.wizards.com/ls/click?upn=WbUaYis4IWqCowlKojPhe1fHzvEbLYUMIwvFPNJ1ct2drsgwdrQbrCjHjb2bhFLb8oG1GiEujYBiJY3OoXIdcqo9zAal4PPX9lz2Bio2QeoOQaupy-2BoyXWE1zEB6sY2awYPQkdT8cLcld3xdMyNi...
  • https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
899 B
741 B
Document
General
Full URL
https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.80.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-80-237.deploy.static.akamaitechnologies.com
Software
NotYours /
Resource Hash
fd365370f5243c1353e9c3f3523bb96007b381ee6fb717d207f6b686f07647d3

Request headers

:method
GET
:authority
myaccounts.wizards.com
:scheme
https
:path
/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html
last-modified
Wed, 07 Apr 2021 16:39:47 GMT
etag
"944b2b58ab8e6d2913ebd73bc7049f8c"
accept-ranges
bytes
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
aDmAtvZY3M75RdJJlTwS9__gx5geEb6vwdu6jnois8OcV1ddmP503w==
vary
Accept-Encoding
content-encoding
gzip
date
Sat, 10 Apr 2021 10:49:09 GMT
content-length
505
server
NotYours

Redirect headers

Server
nginx
Date
Sat, 10 Apr 2021 10:49:08 GMT
Content-Type
text/html; charset=utf-8
Content-Length
158
Connection
keep-alive
Location
https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
X-Robots-Tag
noindex, nofollow
app.e772fe6b.css
myaccounts.wizards.com/css/
45 KB
9 KB
Stylesheet
General
Full URL
https://myaccounts.wizards.com/css/app.e772fe6b.css
Requested by
Host: myaccounts.wizards.com
URL: https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.80.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-80-237.deploy.static.akamaitechnologies.com
Software
NotYours /
Resource Hash
963649776cddecbee62005fd4653b95b57837eb1a8c5bc935be279018cd3b71a

Request headers

Referer
https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:49:09 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 16:39:47 GMT
server
NotYours
x-amz-cf-pop
FRA6-C1
etag
"a9985f8fc937d07a15f5219c60ab90c5"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
9071
x-amz-cf-id
xPhgrAO9ikx-Eg853eXQUaJ-XC5tIEDEAA90StdsCe_-kH0Snmcu0w==
app.9ab30bf3.js
myaccounts.wizards.com/js/
415 KB
106 KB
Script
General
Full URL
https://myaccounts.wizards.com/js/app.9ab30bf3.js
Requested by
Host: myaccounts.wizards.com
URL: https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.80.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-80-237.deploy.static.akamaitechnologies.com
Software
NotYours /
Resource Hash
8711cc225ae387654ced6a49bf5d2c2c09ae68dac49cea8f4494649779af4ea2

Request headers

Referer
https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:49:09 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 16:39:47 GMT
server
NotYours
x-amz-cf-pop
FRA6-C1
etag
"1a73a80505ecc6615fa8c378f94f6cda"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
2Db_wqOI6wp4TTOBrnOpcNcFfWkJQx_lJkQb-VVo55-wtocVzOVTow==
chunk-vendors.40ac8e50.js
myaccounts.wizards.com/js/
1 MB
441 KB
Script
General
Full URL
https://myaccounts.wizards.com/js/chunk-vendors.40ac8e50.js
Requested by
Host: myaccounts.wizards.com
URL: https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.80.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-80-237.deploy.static.akamaitechnologies.com
Software
NotYours /
Resource Hash
936ce6b2682f049ed0ab8c0292a67144786b56c8a151f5c734f8b04d8e0da24a

Request headers

Referer
https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:49:09 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 16:39:47 GMT
server
NotYours
x-amz-cf-pop
FRA6-C1
etag
"4f1448a3d0d342adfa72ee4774aaf35d"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
J7iGDRnhbKFjH31TbS2I_c5rO1Uc-oHdUe3MczGxRxj6XuRTl7apUg==
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: myaccounts.wizards.com
URL: https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://myaccounts.wizards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
6956
date
Sat, 10 Apr 2021 08:53:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sat, 10 Apr 2021 10:53:13 GMT
css2
fonts.googleapis.com/
4 KB
739 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Requested by
Host: myaccounts.wizards.com
URL: https://myaccounts.wizards.com/css/app.e772fe6b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://myaccounts.wizards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 10 Apr 2021 09:55:20 GMT
server
ESF
date
Sat, 10 Apr 2021 10:49:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 10 Apr 2021 10:49:09 GMT
collect
www.google-analytics.com/j/
1 B
392 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1981184645&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccounts.wizards.com%2Fverify%3Fverification%3DREFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj&ul=en-us&de=UTF-8&dt=Wizards%20of%20the%20Coast&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEABEAAAAC~&jid=737289268&gjid=1998678499&cid=2003362934.1618051750&tid=UA-15020098-32&_gid=1136259376.1618051750&_r=1&cd1=2&cd2=2003362934.1618051750&cd3=7aebace7-bdf6-44fb-b0ef-41147ef5cd35&cd4=f8ec5b9e-639e-4bb6-a2eb-2d594c09ce92&cd5=1618051749944&cd6=pageview&cd7=pageload&cd8=visible&z=1505529508
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://myaccounts.wizards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 10:49:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myaccounts.wizards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
verify
api.platform.wizards.com/accounts/
0
0
Preflight
General
Full URL
https://api.platform.wizards.com/accounts/verify
Protocol
H2
Server
95.101.54.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-54-193.deploy.static.akamaitechnologies.com
Software
NotYours /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type
Origin
https://myaccounts.wizards.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
x-envoy-upstream-service-time
1
x-envoy-decorator-operation
accounts.prod.svc.cluster.local:5000/*
date
Sat, 10 Apr 2021 10:49:10 GMT
access-control-allow-origin
https://myaccounts.wizards.com
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
Authorization, Content-Type, X-WotC-XBL-Sandbox, X-WotC-PSN-Environment
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE
server
NotYours
verify
api.platform.wizards.com/accounts/
61 B
419 B
XHR
General
Full URL
https://api.platform.wizards.com/accounts/verify
Requested by
Host: myaccounts.wizards.com
URL: https://myaccounts.wizards.com/js/chunk-vendors.40ac8e50.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-54-193.deploy.static.akamaitechnologies.com
Software
NotYours /
Resource Hash
2e7216a5eb59efd91e11591b67541db9522e7e4f81da93a765d49305ddac48a3

Request headers

Accept
application/json, text/plain, */*
Referer
https://myaccounts.wizards.com/
Authorization
Basic TnpuU2h3S21MUE1FcllrZnV2eXluZkE5OnIyUmd4ODlhQ0ZUZmpiajdUVTU5c0w4cQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 10 Apr 2021 10:49:10 GMT
x-envoy-decorator-operation
accounts.prod.svc.cluster.local:5000/*
server
NotYours
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE
content-type
application/json
access-control-allow-origin
https://myaccounts.wizards.com
x-envoy-upstream-service-time
8
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, X-WotC-XBL-Sandbox, X-WotC-PSN-Environment
content-length
61
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f24adaeddde0d0a1d94060bde6f34f14c4322ee23a7948a761fd788a2c279fc9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d1c6ccc1b00b091e1dc36eb95f54d2e00370b8f3da7e6dfffa408c2c23c47cd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e891f1dfe9759638287e4cac8f09e7f4ce7de310d294f6507469c343b13db2b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a51b3e5c4806eb672f8584d358d7076656e8fc1fb497e7c50d08facf8fc92fe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5191c3d8af6026006532d44d680cd6a8d41fcd17c7c12a2c57c76eee4ae685f4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39a5e673449f1e4072f627f19328d2a02d42e47f52dff33914505eb3e305e818

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ersb-logo.18c6797e.png
myaccounts.wizards.com/img/
5 KB
6 KB
Image
General
Full URL
https://myaccounts.wizards.com/img/ersb-logo.18c6797e.png
Requested by
Host: myaccounts.wizards.com
URL: https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.80.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-80-237.deploy.static.akamaitechnologies.com
Software
NotYours /
Resource Hash
25daff4586655a332d53df18941305215ba70108a911ef5bf4fb3a5df221335b

Request headers

Referer
https://myaccounts.wizards.com/verify?verification=REFNRllIRkhCSkU3QlAzSVVYSjNZUjNEVkU6YmIzN2E2M2YtYzI2MS00ZTMxLWIwMzItNjM0N2FkMzc3YjRj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:49:09 GMT
last-modified
Wed, 07 Apr 2021 16:39:47 GMT
server
NotYours
x-amz-cf-pop
FRA6-C1
etag
"18c6797ec597800ea8e7a7f06b09e1e7"
content-type
image/png
accept-ranges
bytes
content-length
5554
x-amz-cf-id
rNFxezeQo0mYv5oQat_M_q4sMqO0vsqcUhWgn3MYzGyLfxEXyzYFiA==
bg-wotc-account.5cd934dd.jpg
myaccounts.wizards.com/img/
106 KB
106 KB
Image
General
Full URL
https://myaccounts.wizards.com/img/bg-wotc-account.5cd934dd.jpg
Requested by
Host: myaccounts.wizards.com
URL: https://myaccounts.wizards.com/css/app.e772fe6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.80.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-80-237.deploy.static.akamaitechnologies.com
Software
NotYours /
Resource Hash
11f3c29d16be22eda312e2056b0fd557f6307f357c8b8823cbb53a6a41b9597c

Request headers

Referer
https://myaccounts.wizards.com/css/app.e772fe6b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:49:09 GMT
last-modified
Wed, 07 Apr 2021 16:39:47 GMT
server
NotYours
x-amz-cf-pop
FRA6-C1
etag
"5cd934dda5268d079d43d40fc7350586"
content-type
image/jpeg
accept-ranges
bytes
content-length
108338
x-amz-cf-id
nYBfDQX2ikKKzixfe0dBICQC_a7NpAkwuofrMC0fOZkP1yjPAa8yxQ==
arrow-down.7c206fa1.svg
myaccounts.wizards.com/img/
3 KB
764 B
Image
General
Full URL
https://myaccounts.wizards.com/img/arrow-down.7c206fa1.svg
Requested by
Host: myaccounts.wizards.com
URL: https://myaccounts.wizards.com/css/app.e772fe6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.80.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-80-237.deploy.static.akamaitechnologies.com
Software
NotYours /
Resource Hash
46110a958bb9dd92849631a6b80b76924a0c07adf6c905412580cec179a286b3

Request headers

Referer
https://myaccounts.wizards.com/css/app.e772fe6b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:49:09 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 16:39:47 GMT
server
NotYours
x-amz-cf-pop
FRA6-C1
etag
"7c206fa123ee1bdf7a3f53863ec5e4fe"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
524
x-amz-cf-id
hnBhpcUdJSeJGNtecTKAaGcNafMFWfnt3MKZlTFmmUT6kX80WGAWgw==
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://myaccounts.wizards.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
89132
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Sat, 09 Apr 2022 10:03:37 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://myaccounts.wizards.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
89132
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Sat, 09 Apr 2022 10:03:37 GMT
mem8YaGs126MiZpBA-UFUZ0bbck.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0bbck.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://myaccounts.wizards.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:24 GMT
server
sffe
age
89133
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9400
x-xss-protection
0
expires
Sat, 09 Apr 2022 10:03:37 GMT
collect
www.google-analytics.com/
35 B
92 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://myaccounts.wizards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 10:49:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://myaccounts.wizards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://myaccounts.wizards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 10:49:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://myaccounts.wizards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT


19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • function| __e
  • object| google_tag_data
  • function| ga
  • object| gaplugins
  • object| webpackJsonp
  • object| __core-js_shared__
  • object| core
  • function| _
  • object| gaGlobal
  • object| gaData

3 Cookies

Domain/Path | Name | Value
.wizards.com/ | _gat | 1
.wizards.com/ | _gid | GA1.2.1136259376.1618051750
.wizards.com/ | _ga | GA1.2.2003362934.1618051750

1 Console Messages

Source Level URL
Text
console-api error URL: https://myaccounts.wizards.com/js/chunk-vendors.40ac8e50.js(Line 7)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
