urlscan.io logo urlscan.io
SecurityTrails logo

nordaccount.com Open in urlscan Pro
2606:4700:4400::6812:21ba  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://my.nordaccount.com/setup/
Effective URL: https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
Submission: On April 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 28 HTTP transactions. The main IP is 2606:4700:4400::6812:21ba, located in United States and belongs to CLOUDFLARENET, US. The main domain is nordaccount.com. The Cisco Umbrella rank of the primary domain is 204345.
TLS certificate: Issued by GlobalSign GCC R6 AlphaSSL CA 2023 on March 13th 2024. Valid for: a year.
This is the only time nordaccount.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 11 2606:4700:440... 13335 (CLOUDFLAR...)
18 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
28 6
11    2606:4700:4400::6812:21ba (United States)

ASN13335 (CLOUDFLARENET, US)
my.nordaccount.com
auth.nordaccount.com
nordaccount.com
18    2606:4700:4400::ac40:9a46 (United States)

ASN13335 (CLOUDFLARENET, US)
s1.nordaccount.com
d.nordaccount.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2606:4700:4400::ac40:9937 (United States)

ASN13335 (CLOUDFLARENET, US)
debug.nordsec.com
2    2606:4700::6810:9c6f (United States)

ASN13335 (CLOUDFLARENET, US)
s1.nordcdn.com
Apex Domain
Subdomains		 Transfer
29 nordaccount.com
my.nordaccount.com — Cisco Umbrella Rank: 435816
auth.nordaccount.com — Cisco Umbrella Rank: 300781
nordaccount.com — Cisco Umbrella Rank: 204345
s1.nordaccount.com — Cisco Umbrella Rank: 358233
d.nordaccount.com — Cisco Umbrella Rank: 372554
366 KB
2 nordcdn.com
s1.nordcdn.com — Cisco Umbrella Rank: 174219
109 KB
1 nordsec.com
debug.nordsec.com — Cisco Umbrella Rank: 334307
501 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 817
7 KB
28 4
Domain Requested by
16 s1.nordaccount.com nordaccount.com
s1.nordaccount.com
7 nordaccount.com 3 redirects nordaccount.com
s1.nordaccount.com
3 my.nordaccount.com 3 redirects
2 d.nordaccount.com s1.nordcdn.com
2 s1.nordcdn.com s1.nordaccount.com
1 debug.nordsec.com s1.nordaccount.com
1 static.cloudflareinsights.com nordaccount.com
1 auth.nordaccount.com 1 redirects
28 8

This site contains links to these domains. Also see Links.

Domain
my.nordaccount.com
Subject Issuer Validity Valid
*.nordaccount.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-03-13 -
2025-04-14		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.nordsec.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-02-14 -
2025-03-17		 a year crt.sh
*.nordcdn.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-03-13 -
2025-04-14		 a year crt.sh

This page contains 2 frames:

Primary Page: https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
Frame ID: 3B54C093335799B0A7EB43138EA05A84
Requests: 26 HTTP requests in this frame

Frame: https://nordaccount.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: 52F43D9AC9101A7A566D85F7B4080950
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Quick, easy, and secure login with Nord Account.

Page URL History Show full URLs

  1. https://my.nordaccount.com/setup/ HTTP 302
    https://my.nordaccount.com/login HTTP 302
    https://my.nordaccount.com/oauth2/login HTTP 302
    https://auth.nordaccount.com/oauth2/auth?redirect_uri=https%3A%2F%2Fmy.nordaccount.com%2Foauth2%2Fcallbac... HTTP 302
    https://nordaccount.com/login-entry?login_challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3 HTTP 302
    https://nordaccount.com/account/select?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3 HTTP 302
    https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

28
Requests

89 %
HTTPS

100 %
IPv6

4
Domains

8
Subdomains

6
IPs

1
Countries

549 kB
Transfer

2168 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my.nordaccount.com/setup/ HTTP 302
    https://my.nordaccount.com/login HTTP 302
    https://my.nordaccount.com/oauth2/login HTTP 302
    https://auth.nordaccount.com/oauth2/auth?redirect_uri=https%3A%2F%2Fmy.nordaccount.com%2Foauth2%2Fcallback&state=8e772d5a39ffd678904e13c6c095e0d7&scope=openid%20offline_access%20sessions%3Awrite%20account.password%3Awrite%20email%20account.providers%3Aread%20account.providers%3Awrite&response_type=code&approval_prompt=auto&client_id=ucp HTTP 302
    https://nordaccount.com/login-entry?login_challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3 HTTP 302
    https://nordaccount.com/account/select?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3 HTTP 302
    https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nordaccount.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request identifier
nordaccount.com/login/
Redirect Chain
  • https://my.nordaccount.com/setup/
  • https://my.nordaccount.com/login
  • https://my.nordaccount.com/oauth2/login
  • https://auth.nordaccount.com/oauth2/auth?redirect_uri=https%3A%2F%2Fmy.nordaccount.com%2Foauth2%2Fcallback&state=8e772d5a39ffd678904e13c6c095e0d7&scope=openid%20offline_access%20sessions%3Awrite%20...
  • https://nordaccount.com/login-entry?login_challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
  • https://nordaccount.com/account/select?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
  • https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d207428e073dd931fdc08399f0de59b25631bad46a12100672b356924ed9fe8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
877d2358be073a6a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
credentialless
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 21 Apr 2024 11:47:13 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding, Cookie
x-frame-options
DENY

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
877d2357accd3a6a-FRA
content-length
0
cross-origin-embedder-policy
credentialless
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 21 Apr 2024 11:47:13 GMT
location
/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Cookie, Accept-Encoding
x-frame-options
DENY
index.aa8bd6366cfc072346f8.js
s1.nordaccount.com/assets/1.202.0/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.202.0/index.aa8bd6366cfc072346f8.js
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a82e565d48c19850da1944da9bd24828f8d1d63c2ea23d104610ccb77a9cbbbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 08:34:33 GMT
server
cloudflare
age
390
etag
W/"6617a099-82bb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
877d235a7b208ed4-FRA
expires
Mon, 21 Apr 2025 11:47:13 GMT
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://nordaccount.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:13 GMT
content-encoding
gzip
last-modified
Mon, 15 Apr 2024 22:09:58 GMT
server
cloudflare
etag
W/"2024.4.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
877d235a4fa0362a-FRA
575.2befafeb98a603b90399.css
s1.nordaccount.com/assets/1.202.0/ 		909 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.202.0/575.2befafeb98a603b90399.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/index.aa8bd6366cfc072346f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef8f45eb2ed75c9ddca936dd8ab2dffa95a6c0e3f123381f673e3f8079f23fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://nordaccount.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 08:34:33 GMT
server
cloudflare
age
2120
etag
W/"6617a099-e3352"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
877d235b8f753675-FRA
expires
Mon, 21 Apr 2025 11:47:13 GMT
575.chunk.2befafeb98a603b90399.js
s1.nordaccount.com/assets/1.202.0/ 		806 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.202.0/575.chunk.2befafeb98a603b90399.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/index.aa8bd6366cfc072346f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da1ae1576ab0761927c944656ed075bde8377970c388bdbb04a323fda8df1c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 08:34:33 GMT
server
cloudflare
age
3399
etag
W/"6617a099-c9952"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
877d235aebdd8ed4-FRA
expires
Mon, 21 Apr 2025 11:47:13 GMT
1708.1fc6c974214dae333085.css
s1.nordaccount.com/assets/1.202.0/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.202.0/1708.1fc6c974214dae333085.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/index.aa8bd6366cfc072346f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3617250523fd81cca28325f980b12fdf9e6733c694d787dcd2c8863c3b853377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://nordaccount.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 08:34:33 GMT
server
cloudflare
age
2694
etag
W/"6617a099-200b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
877d235b8f793675-FRA
expires
Mon, 21 Apr 2025 11:47:13 GMT
1708.chunk.1fc6c974214dae333085.js
s1.nordaccount.com/assets/1.202.0/ 		85 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.202.0/1708.chunk.1fc6c974214dae333085.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/index.aa8bd6366cfc072346f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e45400fe5dad4e9bc71927357cc70d9974182504f2b205748d720e77ffbff572
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 08:34:33 GMT
server
cloudflare
age
722
etag
W/"6617a099-15252"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
877d235afbdf8ed4-FRA
expires
Mon, 21 Apr 2025 11:47:13 GMT
main.js
nordaccount.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame 52F4
Redirect Chain
  • https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nordaccount.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
Protocol
H2
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41738c801fc8d1ffe4cb345ed261e8690cdc974f8e6ce8c32080fcef7417b0d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 11:47:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
877d235b39033a6a-FRA

Redirect headers

date
Sun, 21 Apr 2024 11:47:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
877d235af8ac3a6a-FRA
content-length
0
877d2358be073a6a
nordaccount.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 52F4 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/challenge-platform/h/b/jsd/r/877d2358be073a6a
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Apr 2024 11:47:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
877d235be9e43a6a-FRA
content-length
0
content-type
text/plain; charset=UTF-8
1696.chunk.3f2acab7f840a8c3c13c.js
s1.nordaccount.com/assets/1.202.0/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.202.0/1696.chunk.3f2acab7f840a8c3c13c.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/index.aa8bd6366cfc072346f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0404c7396a52092114e88d967e4934bcdcd93b19abf35e5911865f1e4260f72f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 08:34:33 GMT
server
cloudflare
age
1631
etag
W/"6617a099-647d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
877d235c6def8ed4-FRA
expires
Mon, 21 Apr 2025 11:47:14 GMT
7638.chunk.190a4f4b1e50f4bcfb66.js
s1.nordaccount.com/assets/1.202.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.202.0/7638.chunk.190a4f4b1e50f4bcfb66.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/index.aa8bd6366cfc072346f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e025e4598069bef4d95307f21bd4708eddf3e2b6e72a9005ffcabf38f8ff597
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 08:34:33 GMT
server
cloudflare
age
3435
etag
W/"6617a099-2c6c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
877d235c6df18ed4-FRA
expires
Mon, 21 Apr 2025 11:47:13 GMT
2834.chunk.08088e2ded0a3e305201.js
s1.nordaccount.com/assets/1.202.0/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.202.0/2834.chunk.08088e2ded0a3e305201.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/index.aa8bd6366cfc072346f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e8a2b2648be84ee6a39627963c9860c76ecff39a6b9eda3d341a61fe42656d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 08:34:33 GMT
server
cloudflare
age
3428
etag
W/"6617a099-31fe"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
877d235c6df38ed4-FRA
expires
Mon, 21 Apr 2025 11:47:14 GMT
2561.59bf84ff69d5f3163d01.css
s1.nordaccount.com/assets/1.202.0/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.202.0/2561.59bf84ff69d5f3163d01.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/index.aa8bd6366cfc072346f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effc234384a8595d26a2f381db9d4cdf9bf5c427af24c2be0dbf6000b914e9ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://nordaccount.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 08:34:33 GMT
server
cloudflare
age
2258
etag
W/"6617a099-1404"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
877d235c69103675-FRA
expires
Mon, 21 Apr 2025 11:47:14 GMT
2561.chunk.59bf84ff69d5f3163d01.js
s1.nordaccount.com/assets/1.202.0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.202.0/2561.chunk.59bf84ff69d5f3163d01.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/index.aa8bd6366cfc072346f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a3f4faa820e73fbd387b762fbf570825e9fe2b4443b5ccafbb3f4311b17035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 08:34:33 GMT
server
cloudflare
age
2887
etag
W/"6617a099-3847"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
877d235c6df58ed4-FRA
expires
Mon, 21 Apr 2025 11:47:14 GMT
/
debug.nordsec.com/api/7/envelope/ 		2 B
501 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://debug.nordsec.com/api/7/envelope/?sentry_key=74d9a6c9eb9e4ae7a1b4ac941af3767c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.109.0
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/575.chunk.2befafeb98a603b90399.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://nordaccount.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
cf-ray
877d235d3bb15d86-FRA
content-length
2
rum
nordaccount.com/cdn-cgi/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/rum?
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/575.chunk.2befafeb98a603b90399.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
Referer
https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
baggage
sentry-environment=production,sentry-release=na%401.202.0,sentry-public_key=74d9a6c9eb9e4ae7a1b4ac941af3767c,sentry-trace_id=078bb7ff6cbd4f05bacf2194a4dc75c3,sentry-sample_rate=0.1,sentry-sampled=false
sentry-trace
078bb7ff6cbd4f05bacf2194a4dc75c3-9f970141976ee3c0-0
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://nordaccount.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
877d235c7aae3a6a-FRA
en-woff2.css
s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/ 		139 KB
105 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/en-woff2.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/575.chunk.2befafeb98a603b90399.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Mar 2023 13:47:21 GMT
server
cloudflare
age
9812
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
877d235d49465d42-FRA
expires
Thu, 24 Oct 2024 11:47:14 GMT
index.js
s1.nordcdn.com/d/nordaccount/prod/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordcdn.com/d/nordaccount/prod/index.js?collectorUrl=https://d.nordaccount.com/1/cc&project=nordaccount&linkerDomains=nordvpn.com,nordpass.com
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/575.chunk.2befafeb98a603b90399.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbf5e79ca391f9daad6423aa2dd1964d8abb43ab23046d60caf21a60bf63175
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 10:16:06 GMT
server
cloudflare
age
269104
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
877d235d2e0b3836-FRA
favicon.png
s1.nordaccount.com/media/1.1016.0/images/account/favicon/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/media/1.1016.0/images/account/favicon/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c714b8e1575f0d6b619055b902c7f0ee01bbd52f2d8c6040c5ecd6c88a50abb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
331998
content-length
1455
last-modified
Mon, 24 May 2021 08:41:25 GMT
server
cloudflare
etag
"60ab66b5-5af"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
877d235c8e0a8ed4-FRA
expires
Wed, 22 May 2024 11:47:14 GMT
google.svg
s1.nordaccount.com/media/1.2204.0/images/account/global/icons/24/ 		993 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordaccount.com/media/1.2204.0/images/account/global/icons/24/google.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19fb0add43c51d6a0073ab390ace41c76cf978108c247718f720bd2419768802
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 09:47:02 GMT
server
cloudflare
age
198912
etag
W/"65cddd96-3e1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
877d235cee828ed4-FRA
expires
Wed, 22 May 2024 11:47:14 GMT
apple.svg
s1.nordaccount.com/media/1.2204.0/images/account/global/icons/24/ 		673 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordaccount.com/media/1.2204.0/images/account/global/icons/24/apple.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae729ce923ef18b3ec13e5e0b2dd2384278efbe3fec807fb99bcf9e31407c4b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 09:47:02 GMT
server
cloudflare
age
458392
etag
W/"65cddd96-2a1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
877d235cee858ed4-FRA
expires
Wed, 22 May 2024 11:47:14 GMT
moon.svg
s1.nordaccount.com/media/1.2204.0/images/account/global/icons/16/ 		557 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/media/1.2204.0/images/account/global/icons/16/moon.svg
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/575.chunk.2befafeb98a603b90399.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fdec35ee60c58dcbcdc6e17aad202ab7daa6a06653bf625f1c1fab95ebd706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 09:47:02 GMT
server
cloudflare
age
350094
etag
W/"65cddd96-22d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
877d235cea0f3675-FRA
expires
Wed, 22 May 2024 11:47:14 GMT
globe-language.svg
s1.nordaccount.com/media/1.2204.0/images/account/global/icons/16/ 		1017 B
911 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/media/1.2204.0/images/account/global/icons/16/globe-language.svg
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.202.0/575.chunk.2befafeb98a603b90399.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8add00a7281d4aef342cd778ba5df52ff82392a6d53075f8ed696e577eb0d10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 09:47:02 GMT
server
cloudflare
age
459262
etag
W/"65cddd96-3f9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
877d235cea183675-FRA
expires
Wed, 22 May 2024 11:47:14 GMT
nordaccount.svg
s1.nordaccount.com/media/1.2204.0/images/account/global/logos/horizontal/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordaccount.com/media/1.2204.0/images/account/global/logos/horizontal/nordaccount.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
388cff5cc34ac3845f0e50d43dcf6e1803c0db1397faaab2e623ebfb2a1b262b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 11:47:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 09:47:03 GMT
server
cloudflare
age
539115
etag
W/"65cddd97-a5e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
877d235cee908ed4-FRA
expires
Wed, 22 May 2024 11:47:14 GMT
cc
d.nordaccount.com/1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordaccount.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cf-ray
877d235dabce3675-FRA
content-length
2
content-type
application/json
date
Sun, 21 Apr 2024 11:47:14 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cc
d.nordaccount.com/1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordaccount.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cf-ray
877d235dabcb3675-FRA
content-length
2
content-type
application/json
date
Sun, 21 Apr 2024 11:47:14 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cc
d.nordaccount.com/1/ 		0
0
cc
d.nordaccount.com/1/ 		0
0
truncated
/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6

Request headers

Referer
Origin
https://nordaccount.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62

Request headers

Referer
Origin
https://nordaccount.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d.nordaccount.com
URL
https://d.nordaccount.com/1/cc
Domain
d.nordaccount.com
URL
https://d.nordaccount.com/1/cc

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| getCookie boolean| isDark object| isDarkCookie string| assetsBasePath object| nordAppData object| tcQueue function| tcSendEvent object| _global object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| webpackChunk_nord_account_client object| regeneratorRuntime object| __cfBeacon object| __REACT_INTL_CONTEXT__ object| _growthbook object| __SENTRY__ object| tcHelpers object| tcContext object| tcConfig

11 Cookies

Domain/Path Name / Value
my.nordaccount.com/ Name: PHPSESSID
Value: 65c5f4c885aa7d1441a50d8ec46bcff5
.nordaccount.com/ Name: locale
Value: en
.nordaccount.com/ Name: __cf_bm
Value: .wKrrhfPpLTrOyaTJTWLokfk1w2GEOfhS.0n5xX0Ft0-1713700032-1.0.1.1-iQaGegOkfeeUi9ChZ_uRUPf.d2ioHkERbFtSf1i.4SQOOw1DexG9wH9OAKpn8MhdNdTvh66RMetbY1B2ZF4E4_KSkgk6h_hPY51mRJmK.ds
auth.nordaccount.com/ Name: oauth2_authentication_csrf
Value: MTcxMzcwMDAzMnxEWDhFQVFMX2dBQUJFQUVRQUFBLV80QUFBUVp6ZEhKcGJtY01CZ0FFWTNOeVpnWnpkSEpwYm1jTUlnQWdNV001TlRreU1ERmhOREJsTkRWa1kyRTFPVE5sWWpFM1lUYzJZV0pqTTJZPXyquSZ8ExgKgFtIQIf0c0ruMt5a9nROT07Jt7CgthoDwg==
nordaccount.com/ Name: sessions_bag
Value: MTcxMzcwMDAzM3xHWDhEQVFFRFFtRm5BZi1BQUFFQkFRUlZWVWxFQVF3QUFBQXBfNEFCSkRnd01qSmxOakV3TFRrNE1UQXROR0poTWkxaE5qRTVMVGRrTnpnNE1EUm1NVGM0TUFBPXzR5uDQzVmN7UQdh8HvWYz9hih5qd1TUSBEHiIg9kSN1w==
nordaccount.com/ Name: request
Value: 5eb29bdb-2444-42a5-b625-45115741119d
nordaccount.com/ Name: csrf
Value: yamtFDUVsaGxfBvBKcMtJchkcafHbiGC
.nordaccount.com/ Name: cf_clearance
Value: ZlJoapsFYLpycs_kVr1G0nZZpGOBBTblaCcchozXjl0-1713700033-1.0.1.1-oSAc5N9VDBwaNpF1z_BI57t0OIhZioOHDIzBjlXXTFnqTBEQLpNxFdPRYf70iUqqTV1WPOk_S1BH_shpOS_W9Q
.nordaccount.com/ Name: nv_tri
Value: TC_5308631319413117_1713700034150
.nordaccount.com/ Name: nv_trs
Value: 1713700034151_1713700034154_1_2
.nordaccount.com/ Name: font-css-en
Value: true

4 Console Messages

Source Level URL
Text
javascript error URL: https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
Message:
Access to resource at 'https://d.nordaccount.com/1/cc' from origin 'https://nordaccount.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d.nordaccount.com/1/cc
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://nordaccount.com/login/identifier?challenge=2%7Ca32895da70ba41d797a5bde07f75e8c3
Message:
Access to resource at 'https://d.nordaccount.com/1/cc' from origin 'https://nordaccount.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d.nordaccount.com/1/cc
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.nordaccount.com
d.nordaccount.com
debug.nordsec.com
my.nordaccount.com
nordaccount.com
s1.nordaccount.com
s1.nordcdn.com
static.cloudflareinsights.com
d.nordaccount.com
2606:4700:4400::6812:21ba
2606:4700:4400::ac40:9937
2606:4700:4400::ac40:9a46
2606:4700::6810:5049
2606:4700::6810:9c6f
0404c7396a52092114e88d967e4934bcdcd93b19abf35e5911865f1e4260f72f
0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
19fb0add43c51d6a0073ab390ace41c76cf978108c247718f720bd2419768802
3617250523fd81cca28325f980b12fdf9e6733c694d787dcd2c8863c3b853377
388cff5cc34ac3845f0e50d43dcf6e1803c0db1397faaab2e623ebfb2a1b262b
41738c801fc8d1ffe4cb345ed261e8690cdc974f8e6ce8c32080fcef7417b0d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
59a3f4faa820e73fbd387b762fbf570825e9fe2b4443b5ccafbb3f4311b17035
60fdec35ee60c58dcbcdc6e17aad202ab7daa6a06653bf625f1c1fab95ebd706
7ef8f45eb2ed75c9ddca936dd8ab2dffa95a6c0e3f123381f673e3f8079f23fd
8add00a7281d4aef342cd778ba5df52ff82392a6d53075f8ed696e577eb0d10f
8cbf5e79ca391f9daad6423aa2dd1964d8abb43ab23046d60caf21a60bf63175
8e025e4598069bef4d95307f21bd4708eddf3e2b6e72a9005ffcabf38f8ff597
9c714b8e1575f0d6b619055b902c7f0ee01bbd52f2d8c6040c5ecd6c88a50abb
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62
a82e565d48c19850da1944da9bd24828f8d1d63c2ea23d104610ccb77a9cbbbf
ae729ce923ef18b3ec13e5e0b2dd2384278efbe3fec807fb99bcf9e31407c4b0
b0e8a2b2648be84ee6a39627963c9860c76ecff39a6b9eda3d341a61fe42656d
d207428e073dd931fdc08399f0de59b25631bad46a12100672b356924ed9fe8b
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6
da1ae1576ab0761927c944656ed075bde8377970c388bdbb04a323fda8df1c1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45400fe5dad4e9bc71927357cc70d9974182504f2b205748d720e77ffbff572
effc234384a8595d26a2f381db9d4cdf9bf5c427af24c2be0dbf6000b914e9ea