urlscan.io logo urlscan.io
SecurityTrails logo

nordaccount.com Open in urlscan Pro
2606:4700:4400::ac40:9a46  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.nordvpn.com/u/click?_t=f675640029a34d1f9a5b14c05f06483a&_m=40fb3c292d414e6a884dac5bfdf59a42&_e=1wnlV3cATgTdw...
Effective URL: https://nordaccount.com/login/identifier?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&ut...
Submission: On March 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 2606:4700:4400::ac40:9a46, located in United States and belongs to CLOUDFLARENET, US. The main domain is nordaccount.com. The Cisco Umbrella rank of the primary domain is 220313.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on February 28th 2023. Valid for: a year.
This is the only time nordaccount.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.19.159.190 13335 (CLOUDFLAR...)
7 13 2606:4700:440... 13335 (CLOUDFLAR...)
18 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
27 6
1    104.19.159.190 (None, )

ASN13335 (CLOUDFLARENET, US)
links.nordvpn.com
13    2606:4700:4400::ac40:9a46 (United States)

ASN13335 (CLOUDFLARENET, US)
my.nordaccount.com
auth.nordaccount.com
nordaccount.com
d.nordaccount.com
18    2606:4700:4400::6812:21ba (United States)

ASN13335 (CLOUDFLARENET, US)
s1.nordaccount.com
api-gateway.nordaccount.com
d.nordaccount.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2606:4700:4400::6812:22c9 (United States)

ASN13335 (CLOUDFLARENET, US)
debug.nordsec.com
1    2606:4700::6811:cfed (United States)

ASN13335 (CLOUDFLARENET, US)
s1.nordcdn.com
Apex Domain
Subdomains		 Transfer
31 nordaccount.com
my.nordaccount.com — Cisco Umbrella Rank: 435632
auth.nordaccount.com — Cisco Umbrella Rank: 337711
nordaccount.com — Cisco Umbrella Rank: 220313
s1.nordaccount.com — Cisco Umbrella Rank: 361450
api-gateway.nordaccount.com — Cisco Umbrella Rank: 420045
d.nordaccount.com — Cisco Umbrella Rank: 388358
361 KB
1 nordcdn.com
s1.nordcdn.com — Cisco Umbrella Rank: 166900
105 KB
1 nordsec.com
debug.nordsec.com — Cisco Umbrella Rank: 366928
302 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 840
7 KB
1 nordvpn.com
links.nordvpn.com — Cisco Umbrella Rank: 492768
1 KB
27 5
Domain Requested by
15 s1.nordaccount.com nordaccount.com
s1.nordaccount.com
7 nordaccount.com 3 redirects nordaccount.com
s1.nordaccount.com
4 d.nordaccount.com s1.nordaccount.com
3 my.nordaccount.com 3 redirects
1 s1.nordcdn.com s1.nordaccount.com
1 api-gateway.nordaccount.com s1.nordaccount.com
1 debug.nordsec.com s1.nordaccount.com
1 static.cloudflareinsights.com nordaccount.com
1 auth.nordaccount.com 1 redirects
1 links.nordvpn.com 1 redirects
27 10

This site contains links to these domains. Also see Links.

Domain
my.nordaccount.com
Subject Issuer Validity Valid
*.nordaccount.com
AlphaSSL CA - SHA256 - G4		 2023-02-28 -
2024-03-31		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
nordsec.com
E1		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.nordcdn.com
AlphaSSL CA - SHA256 - G4		 2023-02-28 -
2024-03-31		 a year crt.sh

This page contains 2 frames:

Primary Page: https://nordaccount.com/login/identifier?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
Frame ID: 9328C1FB2051A48B445C73E148B77C7B
Requests: 25 HTTP requests in this frame

Frame: https://nordaccount.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Frame ID: 82DE58A02F3A2E4EBB55E9615C94590B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Quick, easy, and secure login with Nord Account.

Page URL History Show full URLs

  1. https://links.nordvpn.com/u/click?_t=f675640029a34d1f9a5b14c05f06483a&_m=40fb3c292d414e6a884dac5bfdf59... HTTP 303
    https://my.nordaccount.com/checkout/nordvpn?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=ema... HTTP 302
    https://my.nordaccount.com/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_camp... HTTP 302
    https://my.nordaccount.com/oauth2/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&u... HTTP 302
    https://auth.nordaccount.com/oauth2/auth?redirect_uri=https%3A%2F%2Fmy.nordaccount.com%2Foauth2%2Fcallbac... HTTP 302
    https://nordaccount.com/login-entry?login_challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaig... HTTP 302
    https://nordaccount.com/account/select?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=c... HTTP 302
    https://nordaccount.com/login/identifier?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

27
Requests

96 %
HTTPS

83 %
IPv6

5
Domains

10
Subdomains

6
IPs

2
Countries

538 kB
Transfer

2137 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.nordvpn.com/u/click?_t=f675640029a34d1f9a5b14c05f06483a&_m=40fb3c292d414e6a884dac5bfdf59a42&_e=1wnlV3cATgTdwsZ28zsqVI0ueqAf-TPyp0hDwPJ9PPdFXxlOmXPKoR_qKrnevhd0SeF8B2l7_Bt2MrS7lYPbuS4ecJbpHnQobVAaAeekxCylpYIeZGJ6d1r9YRjt-nvA2KQ5_xOcZfPG176Jb82lGPEZ-_DMIl09APJvWyVgbFMQnxMvE2G6yGkm0rRj54tNOzmt6UrFYguJkt-l3DuiJDIEf_vOfX3ep2nt2Fzdm4qz_DU-_ULJ1XZPvED_i-6fvr-kc5unAfGr3yJ9nUUvcvAD8vpjT71EnbboJbWY0T7z6xZkvjxCfzuuCjym-b3S6zC6144Q4Q1kSSnxAIF9zgXq99C2jZ_U1AqFxCi1ywk%3D HTTP 303
    https://my.nordaccount.com/checkout/nordvpn?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694 HTTP 302
    https://my.nordaccount.com/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694 HTTP 302
    https://my.nordaccount.com/oauth2/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694 HTTP 302
    https://auth.nordaccount.com/oauth2/auth?redirect_uri=https%3A%2F%2Fmy.nordaccount.com%2Foauth2%2Fcallback&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694&state=a1921f4d869cea461256794a01f903ab&scope=openid%20offline_access%20sessions%3Awrite%20account.password%3Awrite%20email%20account.providers%3Aread%20account.providers%3Awrite&response_type=code&approval_prompt=auto&client_id=ucp HTTP 302
    https://nordaccount.com/login-entry?login_challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable HTTP 302
    https://nordaccount.com/account/select?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable HTTP 302
    https://nordaccount.com/login/identifier?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nordaccount.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request identifier
nordaccount.com/login/
Redirect Chain
  • https://links.nordvpn.com/u/click?_t=f675640029a34d1f9a5b14c05f06483a&_m=40fb3c292d414e6a884dac5bfdf59a42&_e=1wnlV3cATgTdwsZ28zsqVI0ueqAf-TPyp0hDwPJ9PPdFXxlOmXPKoR_qKrnevhd0SeF8B2l7_Bt2MrS7lYPbuS4e...
  • https://my.nordaccount.com/checkout/nordvpn?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694
  • https://my.nordaccount.com/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694
  • https://my.nordaccount.com/oauth2/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694
  • https://auth.nordaccount.com/oauth2/auth?redirect_uri=https%3A%2F%2Fmy.nordaccount.com%2Foauth2%2Fcallback&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694&state=a1921f4d869cea461...
  • https://nordaccount.com/login-entry?login_challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
  • https://nordaccount.com/account/select?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
  • https://nordaccount.com/login/identifier?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/login/identifier?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23acd751197e32be45851660b70a96aa64aebd0a44eca95f40010e528a7e7c77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8647a94009d19bb2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
credentialless
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 14 Mar 2024 22:22:12 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding, Cookie
x-frame-options
DENY

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8647a93eb8c29bb2-FRA
content-length
0
cross-origin-embedder-policy
credentialless
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 14 Mar 2024 22:22:12 GMT
location
/login/identifier?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Cookie, Accept-Encoding
x-frame-options
DENY
index.a422670abd002fbcd1c9.js
s1.nordaccount.com/assets/1.196.0/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.196.0/index.a422670abd002fbcd1c9.js
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61a1a9146fef9a20eead470896b66a846406c30de58143a451f2ea22925456f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2024 15:30:42 GMT
server
cloudflare
age
861
etag
W/"65f1c6a2-8354"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647a941cddc9968-FRA
expires
Fri, 14 Mar 2025 22:22:12 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:12 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8647a9412f055d81-FRA
434.baf171c79bcf9ab4294c.css
s1.nordaccount.com/assets/1.196.0/ 		909 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.196.0/434.baf171c79bcf9ab4294c.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/index.a422670abd002fbcd1c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e45ac928c5941248dce77854b50d385d92abab677a9bb116a73e9d1667afda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2024 15:30:41 GMT
server
cloudflare
age
2316
etag
W/"65f1c6a1-e335f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647a94228cc69a3-FRA
expires
Fri, 14 Mar 2025 22:22:12 GMT
434.chunk.baf171c79bcf9ab4294c.js
s1.nordaccount.com/assets/1.196.0/ 		784 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.196.0/434.chunk.baf171c79bcf9ab4294c.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/index.a422670abd002fbcd1c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7db5689695dd71462fed97ed0e04be29cb4dbea4d9d9bfeca03e72d79b41f31e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2024 15:30:41 GMT
server
cloudflare
age
860
etag
W/"65f1c6a1-c41e3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647a941fdf89968-FRA
expires
Fri, 14 Mar 2025 22:22:12 GMT
7065.f7c62b3c0f3ae89b11b7.css
s1.nordaccount.com/assets/1.196.0/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.196.0/7065.f7c62b3c0f3ae89b11b7.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/index.a422670abd002fbcd1c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a8eb7cefe4daebe918ab075812477c950adf01baefdae4f532c0a207cdb9c8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2024 15:30:41 GMT
server
cloudflare
age
2316
etag
W/"65f1c6a1-2047"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647a94228ce69a3-FRA
expires
Fri, 14 Mar 2025 22:22:12 GMT
7065.chunk.f7c62b3c0f3ae89b11b7.js
s1.nordaccount.com/assets/1.196.0/ 		86 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.196.0/7065.chunk.f7c62b3c0f3ae89b11b7.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/index.a422670abd002fbcd1c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b726e9fe3d312057da7636f3e42c15c3f2c6709f6331b93d1ff24f8d1ce344d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2024 15:30:41 GMT
server
cloudflare
age
860
etag
W/"65f1c6a1-15812"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647a941fdfa9968-FRA
expires
Fri, 14 Mar 2025 22:22:12 GMT
main.js
nordaccount.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/ Frame 82DE
Redirect Chain
  • https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nordaccount.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
Protocol
H2
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6864abd82a753b174d265456f85aa8aa07b4054a4e74053936e41095aab79bb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8647a9422b9d9bb2-FRA

Redirect headers

date
Thu, 14 Mar 2024 22:22:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
cache-control
max-age=300, public
cf-ray
8647a9421b869bb2-FRA
content-length
0
8647a94009d19bb2
nordaccount.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 82DE 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/challenge-platform/h/b/jsd/r/8647a94009d19bb2
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Mar 2024 22:22:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
cf-ray
8647a942abfd9bb2-FRA
content-type
text/plain; charset=UTF-8
1696.chunk.3f2acab7f840a8c3c13c.js
s1.nordaccount.com/assets/1.196.0/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.196.0/1696.chunk.3f2acab7f840a8c3c13c.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/index.a422670abd002fbcd1c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eafdc3c7b0754c69db8af0f9fd49ef60a7603d6395a15788777e1de368fefc44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2024 15:30:41 GMT
server
cloudflare
age
859
etag
W/"65f1c6a1-647d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647a9434eea9968-FRA
expires
Fri, 14 Mar 2025 22:22:13 GMT
7638.chunk.5ff40231452c8433cc09.js
s1.nordaccount.com/assets/1.196.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.196.0/7638.chunk.5ff40231452c8433cc09.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/index.a422670abd002fbcd1c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71f43c308797a20879b3ddfa25586289605ebdedf7f4618a199f6170deb72553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2024 15:30:41 GMT
server
cloudflare
age
841
etag
W/"65f1c6a1-2c79"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647a9434eec9968-FRA
expires
Fri, 14 Mar 2025 22:22:13 GMT
2834.chunk.8562dc322425bf438d52.js
s1.nordaccount.com/assets/1.196.0/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.196.0/2834.chunk.8562dc322425bf438d52.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/index.a422670abd002fbcd1c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b41969fa436a3b40de3cdd646f69f484a5f040dc604989ff9c8c4d4eab37b307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2024 15:30:41 GMT
server
cloudflare
age
841
etag
W/"65f1c6a1-31fe"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647a9434eef9968-FRA
expires
Fri, 14 Mar 2025 22:22:13 GMT
5160.c0f818112f9929327879.css
s1.nordaccount.com/assets/1.196.0/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.196.0/5160.c0f818112f9929327879.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/index.a422670abd002fbcd1c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f321530a1aca1c8f24a85e607ea85498da8d29f7cb9e4f9637b8edf660e1514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2024 15:30:41 GMT
server
cloudflare
age
2289
etag
W/"65f1c6a1-12a7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647a94349de69a3-FRA
expires
Fri, 14 Mar 2025 22:22:13 GMT
5160.chunk.c0f818112f9929327879.js
s1.nordaccount.com/assets/1.196.0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.196.0/5160.chunk.c0f818112f9929327879.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/index.a422670abd002fbcd1c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3188d13e095e9e832062a722629451b98452c342dbd9369fd20a0dfe8c1609c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2024 15:30:41 GMT
server
cloudflare
age
832
etag
W/"65f1c6a1-392b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647a9434ef19968-FRA
expires
Fri, 14 Mar 2025 22:22:13 GMT
/
debug.nordsec.com/api/7/envelope/ 		2 B
302 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://debug.nordsec.com/api/7/envelope/?sentry_key=74d9a6c9eb9e4ae7a1b4ac941af3767c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/434.chunk.baf171c79bcf9ab4294c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nordaccount.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
cf-ray
8647a9438920bbfd-FRA
content-length
2
features
api-gateway.nordaccount.com/v1/tracking/ 		462 B
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-gateway.nordaccount.com/v1/tracking/features
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/434.chunk.baf171c79bcf9ab4294c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ec619bfbf412c2ad525549852f6fe907faf21f6065448285c4ad7d233f87745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
content-type
application/json
access-control-allow-origin
https://nordaccount.com
access-control-allow-credentials
true
cf-ray
8647a94359f269a3-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
rum
nordaccount.com/cdn-cgi/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/rum?
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/434.chunk.baf171c79bcf9ab4294c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nordaccount.com/login/identifier?challenge=2%7C7d1a4c9688584feebd3df8cffaf0586d&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
accept-language
de-DE,de;q=0.9
baggage
sentry-environment=production,sentry-release=na%401.196.0,sentry-public_key=74d9a6c9eb9e4ae7a1b4ac941af3767c,sentry-trace_id=bd4b06ecabbc4b48b257beab69d39367,sentry-sample_rate=0.1,sentry-sampled=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace
bd4b06ecabbc4b48b257beab69d39367-9a8ecd8bfb48f344-0
content-type
application/json

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://nordaccount.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8647a9435c899bb2-FRA
en-woff2.css
s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/ 		139 KB
105 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/en-woff2.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/434.chunk.baf171c79bcf9ab4294c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cfed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Mar 2023 13:47:21 GMT
server
cloudflare
age
27263
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
8647a9438a9b71b2-FRA
expires
Mon, 16 Sep 2024 22:22:13 GMT
google.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/ 		993 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/google.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19fb0add43c51d6a0073ab390ace41c76cf978108c247718f720bd2419768802
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 14:19:31 GMT
server
cloudflare
age
110939
etag
W/"657082f3-3e1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
8647a9438f239968-FRA
expires
Sun, 14 Apr 2024 22:22:13 GMT
apple.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/ 		673 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/apple.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae729ce923ef18b3ec13e5e0b2dd2384278efbe3fec807fb99bcf9e31407c4b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 14:19:31 GMT
server
cloudflare
age
102107
etag
W/"657082f3-2a1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
8647a9438f299968-FRA
expires
Sun, 14 Apr 2024 22:22:13 GMT
cc
d.nordaccount.com/1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordaccount.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
8647a943aa1f69a3-FRA
content-length
0
date
Thu, 14 Mar 2024 22:22:13 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
cc
d.nordaccount.com/1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordaccount.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
8647a943aa1d69a3-FRA
content-length
0
date
Thu, 14 Mar 2024 22:22:13 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
cc
d.nordaccount.com/1/ 		0
218 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/434.chunk.baf171c79bcf9ab4294c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
600
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-allow-credentials
true
cf-ray
8647a9445d479bb2-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
0
x-request-id
a1a6149d271533caa7895242ff82efa4
cc
d.nordaccount.com/1/ 		0
66 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/434.chunk.baf171c79bcf9ab4294c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
600
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-allow-credentials
true
cf-ray
8647a9445d4f9bb2-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
0
x-request-id
3b6e606075e2d3fbb294c5a1c2de577b
moon.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/ 		557 B
704 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/moon.svg
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/434.chunk.baf171c79bcf9ab4294c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fdec35ee60c58dcbcdc6e17aad202ab7daa6a06653bf625f1c1fab95ebd706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 14:19:31 GMT
server
cloudflare
age
106760
etag
W/"657082f3-22d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
8647a9439a1a69a3-FRA
expires
Sun, 14 Apr 2024 22:22:13 GMT
globe-language.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/ 		1017 B
831 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/globe-language.svg
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.196.0/434.chunk.baf171c79bcf9ab4294c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8add00a7281d4aef342cd778ba5df52ff82392a6d53075f8ed696e577eb0d10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 14:19:31 GMT
server
cloudflare
age
102108
etag
W/"657082f3-3f9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
8647a9439a1b69a3-FRA
expires
Sun, 14 Apr 2024 22:22:13 GMT
nordaccount.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/logos/horizontal/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordaccount.com/media/1.2154.0/images/account/global/logos/horizontal/nordaccount.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
388cff5cc34ac3845f0e50d43dcf6e1803c0db1397faaab2e623ebfb2a1b262b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:22:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 14:19:32 GMT
server
cloudflare
age
97240
etag
W/"657082f4-a5e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
8647a943af439968-FRA
expires
Sun, 14 Apr 2024 22:22:13 GMT
truncated
/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| getCookie boolean| isDark object| isDarkCookie string| assetsBasePath object| nordAppData object| _global object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| webpackChunk_nord_account_client object| regeneratorRuntime object| __cfBeacon object| __REACT_INTL_CONTEXT__ object| _growthbook object| tracy object| __SENTRY__

17 Cookies

Domain/Path Name / Value
.nordvpn.com/ Name: iterableEmailCampaignId
Value: 9191694
.nordvpn.com/ Name: iterableTemplateId
Value: 12157236
.nordvpn.com/ Name: iterableMessageId
Value: 40fb3c292d414e6a884dac5bfdf59a42
.nordvpn.com/ Name: iterableEndUserId
Value: cryptonaryxk%40gmail.com
links.nordvpn.com/ Name: XSRF-TOKEN
Value: 8b077596cfe1261660b089767e3567240b971556-1710454931175-b3100e97a224a8307a48d3a0
.nordvpn.com/ Name: __cf_bm
Value: bhhiwjExkOyc5zg0fYRrnJlNbXd7edwIAUJiJMFFRJc-1710454931-1.0.1.1-qtdDflKyC4ALImDuQ_kNFCTMaAQVk9XnMb9ENGbluN8B.jEg7gERyUpAnmP6vmLGmeXD6xSxNuMml0EPrkwYKaUW.GFZ6quELyXrlWjVsrg
my.nordaccount.com/ Name: PHPSESSID
Value: 61a4b5ad875bf0eacd0d88bd1fa20855
.nordaccount.com/ Name: locale
Value: en
.nordaccount.com/ Name: __cf_bm
Value: 7MHDVqDDPz1RFi01w6i40mWSQSTEI4wC4d6LgzzWP5c-1710454931-1.0.1.1-2nw.4AVQkJsUC4uHxkPCUSicsOIzXwKSwX73luCqoMy5kpEmmHk4yGQmjW3Mciyor0eRNwAuPwjJoU9YgLOOXejytAQc3.ZqBe_6K7Z5w9Q
auth.nordaccount.com/ Name: oauth2_authentication_csrf
Value: MTcxMDQ1NDkzMXxEWDhFQVFMX2dBQUJFQUVRQUFBLV80QUFBUVp6ZEhKcGJtY01CZ0FFWTNOeVpnWnpkSEpwYm1jTUlnQWdZekpoWXpneE56RTFOemhpTkdRek1HSXdZV1l5WWpKalkyRmhaREkzWVdZPXw7FoBCUC3rirltJoKqxgQYSLam6hKENZzzqEQX7zRE2g==
nordaccount.com/ Name: sessions_bag
Value: MTcxMDQ1NDkzMnxHWDhEQVFFRFFtRm5BZi1BQUFFQkFRUlZWVWxFQVF3QUFBQXBfNEFCSkRVd016VTRaR1l3TFRBME5EUXRORFJqTVMwNFpESTBMVEpsWkdJME5UWXhaVFU0TXdBPXyLddCObQDrhFUuUHDpkCl2GWxm5yib6yqoimM3_aehPg==
nordaccount.com/ Name: request
Value: 79e0e0db-3600-4ccb-b495-bda1b4ca004a
nordaccount.com/ Name: csrf
Value: ZgmhiimwqJHZCuQAgazewUSErQgBSZZI
.nordaccount.com/ Name: cf_clearance
Value: bexfP3mUHW4X7DheWzXm9CJ0kJdkXTH8SPUMDAtbAYM-1710454932-1.0.1.1-GP6yj7ZoETBjpCdEuCaeGq.sibXyceCByyeDlK2uZMEIMlQPySfpWcFLjNx2Tlr4nCYVQtnamei8TmrAtQkmpw
.nordaccount.com/ Name: nv_tri
Value: TC_6774527120362677_1710454932951
.nordaccount.com/ Name: nv_trs
Value: 1710454932952_1710454933048_1_2
.nordaccount.com/ Name: font-css-en
Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-gateway.nordaccount.com
auth.nordaccount.com
d.nordaccount.com
debug.nordsec.com
links.nordvpn.com
my.nordaccount.com
nordaccount.com
s1.nordaccount.com
s1.nordcdn.com
static.cloudflareinsights.com
104.19.159.190
2606:4700:4400::6812:21ba
2606:4700:4400::6812:22c9
2606:4700:4400::ac40:9a46
2606:4700::6810:5049
2606:4700::6811:cfed
0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41
19fb0add43c51d6a0073ab390ace41c76cf978108c247718f720bd2419768802
23acd751197e32be45851660b70a96aa64aebd0a44eca95f40010e528a7e7c77
2f321530a1aca1c8f24a85e607ea85498da8d29f7cb9e4f9637b8edf660e1514
388cff5cc34ac3845f0e50d43dcf6e1803c0db1397faaab2e623ebfb2a1b262b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5a8eb7cefe4daebe918ab075812477c950adf01baefdae4f532c0a207cdb9c8c
60fdec35ee60c58dcbcdc6e17aad202ab7daa6a06653bf625f1c1fab95ebd706
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6864abd82a753b174d265456f85aa8aa07b4054a4e74053936e41095aab79bb6
71f43c308797a20879b3ddfa25586289605ebdedf7f4618a199f6170deb72553
7db5689695dd71462fed97ed0e04be29cb4dbea4d9d9bfeca03e72d79b41f31e
8add00a7281d4aef342cd778ba5df52ff82392a6d53075f8ed696e577eb0d10f
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62
9ec619bfbf412c2ad525549852f6fe907faf21f6065448285c4ad7d233f87745
a3188d13e095e9e832062a722629451b98452c342dbd9369fd20a0dfe8c1609c
ae729ce923ef18b3ec13e5e0b2dd2384278efbe3fec807fb99bcf9e31407c4b0
b41969fa436a3b40de3cdd646f69f484a5f040dc604989ff9c8c4d4eab37b307
b726e9fe3d312057da7636f3e42c15c3f2c6709f6331b93d1ff24f8d1ce344d4
c61a1a9146fef9a20eead470896b66a846406c30de58143a451f2ea22925456f
c6e45ac928c5941248dce77854b50d385d92abab677a9bb116a73e9d1667afda
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eafdc3c7b0754c69db8af0f9fd49ef60a7603d6395a15788777e1de368fefc44