urlscan.io logo urlscan.io
SecurityTrails logo

nordaccount.com Open in urlscan Pro
2606:4700:4400::ac40:9a46  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.nordvpn.com/u/click?_t=f675640029a34d1f9a5b14c05f06483a&_m=40fb3c292d414e6a884dac5bfdf59a42&_e=1wnlV3cATgTdw...
Effective URL: https://nordaccount.com/login/identifier?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&ut...
Submission: On March 14 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 2606:4700:4400::ac40:9a46, located in United States and belongs to CLOUDFLARENET, US. The main domain is nordaccount.com. The Cisco Umbrella rank of the primary domain is 177673.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on February 28th 2023. Valid for: a year.
This is the only time nordaccount.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.19.159.190 13335 (CLOUDFLAR...)
7 31 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
27 5
1    104.19.159.190 (None, )

ASN13335 (CLOUDFLARENET, US)
links.nordvpn.com
31    2606:4700:4400::ac40:9a46 (United States)

ASN13335 (CLOUDFLARENET, US)
my.nordaccount.com
auth.nordaccount.com
nordaccount.com
s1.nordaccount.com
api-gateway.nordaccount.com
d.nordaccount.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2606:4700:4400::ac40:9937 (United States)

ASN13335 (CLOUDFLARENET, US)
debug.nordsec.com
1    2606:4700::6811:cfed (United States)

ASN13335 (CLOUDFLARENET, US)
s1.nordcdn.com
Apex Domain
Subdomains		 Transfer
31 nordaccount.com
my.nordaccount.com — Cisco Umbrella Rank: 398198
auth.nordaccount.com — Cisco Umbrella Rank: 255174
nordaccount.com — Cisco Umbrella Rank: 177673
s1.nordaccount.com — Cisco Umbrella Rank: 322711
api-gateway.nordaccount.com — Cisco Umbrella Rank: 354040
d.nordaccount.com — Cisco Umbrella Rank: 340846
361 KB
1 nordcdn.com
s1.nordcdn.com — Cisco Umbrella Rank: 154810
105 KB
1 nordsec.com
debug.nordsec.com — Cisco Umbrella Rank: 320975
302 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 788
7 KB
1 nordvpn.com
links.nordvpn.com — Cisco Umbrella Rank: 656824
1 KB
27 5
Domain Requested by
15 s1.nordaccount.com nordaccount.com
s1.nordaccount.com
7 nordaccount.com 3 redirects nordaccount.com
s1.nordaccount.com
4 d.nordaccount.com s1.nordaccount.com
3 my.nordaccount.com 3 redirects
1 s1.nordcdn.com s1.nordaccount.com
1 api-gateway.nordaccount.com s1.nordaccount.com
1 debug.nordsec.com s1.nordaccount.com
1 static.cloudflareinsights.com nordaccount.com
1 auth.nordaccount.com 1 redirects
1 links.nordvpn.com 1 redirects
27 10

This site contains links to these domains. Also see Links.

Domain
my.nordaccount.com
Subject Issuer Validity Valid
*.nordaccount.com
AlphaSSL CA - SHA256 - G4		 2023-02-28 -
2024-03-31		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
nordsec.com
E1		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.nordcdn.com
AlphaSSL CA - SHA256 - G4		 2023-02-28 -
2024-03-31		 a year crt.sh

This page contains 2 frames:

Primary Page: https://nordaccount.com/login/identifier?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
Frame ID: 309E14B0E6272FA1A411D5333DDB8BEA
Requests: 25 HTTP requests in this frame

Frame: https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Frame ID: 5571FEF9C11277F3CD5E21A82B59A426
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Quick, easy, and secure login with Nord Account.

Page URL History Show full URLs

  1. https://links.nordvpn.com/u/click?_t=f675640029a34d1f9a5b14c05f06483a&_m=40fb3c292d414e6a884dac5bfdf59... HTTP 303
    https://my.nordaccount.com/checkout/nordvpn?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=ema... HTTP 302
    https://my.nordaccount.com/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_camp... HTTP 302
    https://my.nordaccount.com/oauth2/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&u... HTTP 302
    https://auth.nordaccount.com/oauth2/auth?redirect_uri=https%3A%2F%2Fmy.nordaccount.com%2Foauth2%2Fcallbac... HTTP 302
    https://nordaccount.com/login-entry?login_challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaig... HTTP 302
    https://nordaccount.com/account/select?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=c... HTTP 302
    https://nordaccount.com/login/identifier?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

27
Requests

96 %
HTTPS

80 %
IPv6

5
Domains

10
Subdomains

5
IPs

2
Countries

538 kB
Transfer

2137 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.nordvpn.com/u/click?_t=f675640029a34d1f9a5b14c05f06483a&_m=40fb3c292d414e6a884dac5bfdf59a42&_e=1wnlV3cATgTdwsZ28zsqVI0ueqAf-TPyp0hDwPJ9PPdFXxlOmXPKoR_qKrnevhd0SeF8B2l7_Bt2MrS7lYPbuS4ecJbpHnQobVAaAeekxCylpYIeZGJ6d1r9YRjt-nvA2KQ5_xOcZfPG176Jb82lGPEZ-_DMIl09APJvWyVgbFMQnxMvE2G6yGkm0rRj54tNOzmt6UrFYguJkt-l3DuiJDIEf_vOfX3ep2nt2Fzdm4qz_DU-_ULJ1XZPvED_i-6fvr-kc5unAfGr3yJ9nUUvcvAD8vpjT71EnbboJbWY0T7z6xZkvjxCfzuuCjym-b3S6zC6144Q4Q1kSSnxAIF9zgXq99C2jZ_U1AqFxCi1ywk%3D HTTP 303
    https://my.nordaccount.com/checkout/nordvpn?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694 HTTP 302
    https://my.nordaccount.com/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694 HTTP 302
    https://my.nordaccount.com/oauth2/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694 HTTP 302
    https://auth.nordaccount.com/oauth2/auth?redirect_uri=https%3A%2F%2Fmy.nordaccount.com%2Foauth2%2Fcallback&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694&state=e9ff25f1ce035bee5f2edf2aaa04a7c2&scope=openid%20offline_access%20sessions%3Awrite%20account.password%3Awrite%20email%20account.providers%3Aread%20account.providers%3Awrite&response_type=code&approval_prompt=auto&client_id=ucp HTTP 302
    https://nordaccount.com/login-entry?login_challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable HTTP 302
    https://nordaccount.com/account/select?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable HTTP 302
    https://nordaccount.com/login/identifier?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request identifier
nordaccount.com/login/
Redirect Chain
  • https://links.nordvpn.com/u/click?_t=f675640029a34d1f9a5b14c05f06483a&_m=40fb3c292d414e6a884dac5bfdf59a42&_e=1wnlV3cATgTdwsZ28zsqVI0ueqAf-TPyp0hDwPJ9PPdFXxlOmXPKoR_qKrnevhd0SeF8B2l7_Bt2MrS7lYPbuS4e...
  • https://my.nordaccount.com/checkout/nordvpn?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694
  • https://my.nordaccount.com/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694
  • https://my.nordaccount.com/oauth2/login?ff%5Bcoupon-field%5D=off&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694
  • https://auth.nordaccount.com/oauth2/auth?redirect_uri=https%3A%2F%2Fmy.nordaccount.com%2Foauth2%2Fcallback&utm_source=Iterable&utm_medium=email&utm_campaign=campaign_9191694&state=e9ff25f1ce035bee5...
  • https://nordaccount.com/login-entry?login_challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
  • https://nordaccount.com/account/select?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
  • https://nordaccount.com/login/identifier?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/login/identifier?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24cfeec79e34fba012d21bfaae0dcace06d50c2895b73836e1722d97029158e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
86417a8e2a673810-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
credentialless
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 14 Mar 2024 04:21:45 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding, Cookie
x-frame-options
DENY

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
86417a8d59b73810-FRA
content-length
0
cross-origin-embedder-policy
credentialless
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 14 Mar 2024 04:21:45 GMT
location
/login/identifier?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Cookie, Accept-Encoding
x-frame-options
DENY
index.be4fcf63f52c7ce71fa3.js
s1.nordaccount.com/assets/1.195.0/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.195.0/index.be4fcf63f52c7ce71fa3.js
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06bb1c20b09262acbdeed22c5d28d4fe49a5c1dd07fc0fb5842f9333daf87977
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:06:08 GMT
server
cloudflare
age
2812
etag
W/"65d770f0-8354"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86417a8f4b23383b-FRA
expires
Fri, 14 Mar 2025 04:21:45 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
86417a8f394637f6-FRA
434.0022db8470b0569abd39.css
s1.nordaccount.com/assets/1.195.0/ 		909 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.195.0/434.0022db8470b0569abd39.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/index.be4fcf63f52c7ce71fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e45ac928c5941248dce77854b50d385d92abab677a9bb116a73e9d1667afda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:06:07 GMT
server
cloudflare
age
1127
etag
W/"65d770ef-e335f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86417a8f9e7165d9-FRA
expires
Fri, 14 Mar 2025 04:21:45 GMT
434.chunk.0022db8470b0569abd39.js
s1.nordaccount.com/assets/1.195.0/ 		785 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.195.0/434.chunk.0022db8470b0569abd39.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/index.be4fcf63f52c7ce71fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7081f2c99b033822b71cc45773ed5d59f8a7ccbed70cb8b19bcd8e08868fd658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:06:07 GMT
server
cloudflare
age
3574
etag
W/"65d770ef-c4378"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86417a8f6b41383b-FRA
expires
Fri, 14 Mar 2025 04:21:45 GMT
7065.feafa9b49dff9ba81b85.css
s1.nordaccount.com/assets/1.195.0/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.195.0/7065.feafa9b49dff9ba81b85.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/index.be4fcf63f52c7ce71fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a8eb7cefe4daebe918ab075812477c950adf01baefdae4f532c0a207cdb9c8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:06:07 GMT
server
cloudflare
age
2812
etag
W/"65d770ef-2047"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86417a8f9e7265d9-FRA
expires
Fri, 14 Mar 2025 04:21:45 GMT
7065.chunk.feafa9b49dff9ba81b85.js
s1.nordaccount.com/assets/1.195.0/ 		86 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.195.0/7065.chunk.feafa9b49dff9ba81b85.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/index.be4fcf63f52c7ce71fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d3fc1037432e0e47b34528269e5e49f8686a9b4f3744ff001f824de3c182c92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:06:07 GMT
server
cloudflare
age
1146
etag
W/"65d770ef-15854"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86417a8f6b43383b-FRA
expires
Fri, 14 Mar 2025 04:21:45 GMT
main.js
nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/ Frame 5571
Redirect Chain
  • https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
Protocol
H2
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8017dde5fd246b604dc50ee5dd616f508d497e53d4941ccbdc17f0de39a79350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
86417a8fbb503810-FRA

Redirect headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
cache-control
max-age=300, public
cf-ray
86417a8f9b423810-FRA
content-length
0
86417a8e2a673810
nordaccount.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 5571 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/challenge-platform/h/g/jsd/r/86417a8e2a673810
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
cf-ray
86417a90abe63810-FRA
content-type
text/plain; charset=UTF-8
/
debug.nordsec.com/api/7/envelope/ 		2 B
302 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://debug.nordsec.com/api/7/envelope/?sentry_key=74d9a6c9eb9e4ae7a1b4ac941af3767c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/434.chunk.0022db8470b0569abd39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nordaccount.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Mar 2024 04:21:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
cf-ray
86417a90fc751c3a-FRA
content-length
2
features
api-gateway.nordaccount.com/v1/tracking/ 		17 B
520 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-gateway.nordaccount.com/v1/tracking/features
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/434.chunk.0022db8470b0569abd39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530f313f15ddbdfd3c69c05cab4a3c1f657138fc1fc1ff254f78a69a7d2e492a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
content-type
application/json
access-control-allow-origin
https://nordaccount.com
access-control-allow-credentials
true
cf-ray
86417a90ef1365d9-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
17
rum
nordaccount.com/cdn-cgi/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/rum?
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/434.chunk.0022db8470b0569abd39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nordaccount.com/login/identifier?challenge=2%7C921a62f6bc2045a09f9899439cf29377&utm_campaign=campaign_9191694&utm_medium=email&utm_source=Iterable
accept-language
de-DE,de;q=0.9
baggage
sentry-environment=production,sentry-release=na%401.195.0,sentry-public_key=74d9a6c9eb9e4ae7a1b4ac941af3767c,sentry-trace_id=6022758f686c464fa700a5ec3cac5a40,sentry-sample_rate=0.1,sentry-sampled=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace
6022758f686c464fa700a5ec3cac5a40-b3f6919a40c2db0f-0
content-type
application/json

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://nordaccount.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
86417a90cc0b3810-FRA
en-woff2.css
s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/ 		139 KB
105 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/en-woff2.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/434.chunk.0022db8470b0569abd39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cfed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Mar 2023 13:47:21 GMT
server
cloudflare
age
13125
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
86417a910c6c6934-FRA
expires
Mon, 16 Sep 2024 04:21:45 GMT
1696.chunk.3f2acab7f840a8c3c13c.js
s1.nordaccount.com/assets/1.195.0/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.195.0/1696.chunk.3f2acab7f840a8c3c13c.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/index.be4fcf63f52c7ce71fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f8f7762bff87718049b92c138fd31263ea7fd62995b9662142b9259325a1316
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:06:07 GMT
server
cloudflare
age
2829
etag
W/"65d770ef-647d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86417a921cf5383b-FRA
expires
Fri, 14 Mar 2025 04:21:45 GMT
7638.chunk.5ff40231452c8433cc09.js
s1.nordaccount.com/assets/1.195.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.195.0/7638.chunk.5ff40231452c8433cc09.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/index.be4fcf63f52c7ce71fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25aed97aca736ba96a0de3e0b2639b1d59efb90c699a0d8c04b5358414c6577a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:06:07 GMT
server
cloudflare
age
2233
etag
W/"65d770ef-2c79"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86417a921cf7383b-FRA
expires
Fri, 14 Mar 2025 04:21:45 GMT
2834.chunk.8562dc322425bf438d52.js
s1.nordaccount.com/assets/1.195.0/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.195.0/2834.chunk.8562dc322425bf438d52.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/index.be4fcf63f52c7ce71fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be3cc393f904a7a9ea5fe28d5df2181898e38b658de5821a693377c522cd04d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:06:07 GMT
server
cloudflare
age
2234
etag
W/"65d770ef-31fe"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86417a921cf9383b-FRA
expires
Fri, 14 Mar 2025 04:21:45 GMT
5160.c0f818112f9929327879.css
s1.nordaccount.com/assets/1.195.0/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.195.0/5160.c0f818112f9929327879.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/index.be4fcf63f52c7ce71fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f321530a1aca1c8f24a85e607ea85498da8d29f7cb9e4f9637b8edf660e1514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:06:07 GMT
server
cloudflare
age
2665
etag
W/"65d770ef-12a7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86417a921fc465d9-FRA
expires
Fri, 14 Mar 2025 04:21:45 GMT
5160.chunk.c0f818112f9929327879.js
s1.nordaccount.com/assets/1.195.0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.195.0/5160.chunk.c0f818112f9929327879.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/index.be4fcf63f52c7ce71fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3464fb401f81da62fe7cec606c7bae3ebe62e6b56100216a8d40b417fa52dae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:06:07 GMT
server
cloudflare
age
3483
etag
W/"65d770ef-392b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86417a921cfa383b-FRA
expires
Fri, 14 Mar 2025 04:21:45 GMT
truncated
/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6

Request headers

Referer
Origin
https://nordaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
google.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/ 		993 B
899 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/google.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19fb0add43c51d6a0073ab390ace41c76cf978108c247718f720bd2419768802
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 14:19:31 GMT
server
cloudflare
age
46111
etag
W/"657082f3-3e1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
86417a925d26383b-FRA
expires
Sun, 14 Apr 2024 04:21:45 GMT
apple.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/ 		673 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/apple.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae729ce923ef18b3ec13e5e0b2dd2384278efbe3fec807fb99bcf9e31407c4b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 14:19:31 GMT
server
cloudflare
age
37279
etag
W/"657082f3-2a1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
86417a925d28383b-FRA
expires
Sun, 14 Apr 2024 04:21:45 GMT
cc
d.nordaccount.com/1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordaccount.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
86417a92881c65d9-FRA
content-length
0
date
Thu, 14 Mar 2024 04:21:46 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
cc
d.nordaccount.com/1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordaccount.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
86417a92881d65d9-FRA
content-length
0
date
Thu, 14 Mar 2024 04:21:46 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
cc
d.nordaccount.com/1/ 		0
66 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/434.chunk.0022db8470b0569abd39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Mar 2024 04:21:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
600
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-allow-credentials
true
cf-ray
86417a933d803810-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
0
x-request-id
eaafcf30f6638417e2a495aca8720741
cc
d.nordaccount.com/1/ 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/434.chunk.0022db8470b0569abd39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Mar 2024 04:21:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
600
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-allow-credentials
true
cf-ray
86417a933d7e3810-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
0
x-request-id
9eaa5c0478306d477409e4db057055f7
moon.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/ 		557 B
642 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/moon.svg
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/434.chunk.0022db8470b0569abd39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fdec35ee60c58dcbcdc6e17aad202ab7daa6a06653bf625f1c1fab95ebd706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 14:19:31 GMT
server
cloudflare
age
41933
etag
W/"657082f3-22d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
86417a92780c65d9-FRA
expires
Sun, 14 Apr 2024 04:21:46 GMT
globe-language.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/ 		1017 B
930 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/globe-language.svg
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.195.0/434.chunk.0022db8470b0569abd39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8add00a7281d4aef342cd778ba5df52ff82392a6d53075f8ed696e577eb0d10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 14:19:31 GMT
server
cloudflare
age
37281
etag
W/"657082f3-3f9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
86417a92780d65d9-FRA
expires
Sun, 14 Apr 2024 04:21:46 GMT
nordaccount.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/logos/horizontal/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordaccount.com/media/1.2154.0/images/account/global/logos/horizontal/nordaccount.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
388cff5cc34ac3845f0e50d43dcf6e1803c0db1397faaab2e623ebfb2a1b262b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:21:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 14:19:32 GMT
server
cloudflare
age
32413
etag
W/"657082f4-a5e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
86417a927d3f383b-FRA
expires
Sun, 14 Apr 2024 04:21:46 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| getCookie boolean| isDark object| isDarkCookie string| assetsBasePath object| nordAppData object| _global object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| webpackChunk_nord_account_client object| regeneratorRuntime object| __cfBeacon object| __REACT_INTL_CONTEXT__ object| _growthbook object| tracy object| __SENTRY__

17 Cookies

Domain/Path Name / Value
.nordvpn.com/ Name: iterableEmailCampaignId
Value: 9191694
.nordvpn.com/ Name: iterableTemplateId
Value: 12157236
.nordvpn.com/ Name: iterableMessageId
Value: 40fb3c292d414e6a884dac5bfdf59a42
.nordvpn.com/ Name: iterableEndUserId
Value: cryptonaryxk%40gmail.com
links.nordvpn.com/ Name: XSRF-TOKEN
Value: 2c32ac02bc60f430bfec16ad74991b4b259a8b57-1710390104298-8319f03b469bd01731cce2e2
.nordvpn.com/ Name: __cf_bm
Value: GUulcgnQmimMAXkLpJDqA89EPm9QlcZN636afVz42KU-1710390104-1.0.1.1-Me3LHWN6yGocgxYVB7CG9g4IquyMwvM3PW0oH8IwnWJR4mrgTYHpw2l0giV0nYpDxoNV0qAkjTM1tFi_izYvPkVuVe28F.8j.exhSZxsaB4
my.nordaccount.com/ Name: PHPSESSID
Value: 426d9af465f8d6ae742165752a530005
.nordaccount.com/ Name: locale
Value: en
.nordaccount.com/ Name: __cf_bm
Value: GAYtDI5e1vtr3VeISYwqd2Za.MKrT2ButJ8i7QxysQU-1710390104-1.0.1.1-QoTq9fkvD9Bitt4k6Rd1IWvvTk3YO_OQqbGvu5nxjuuoEVAoumgdqAgjsHklulINH7cxBBY8lS.tsYQdWdUh7DplzKqekbuIYFbDiUlZWkI
auth.nordaccount.com/ Name: oauth2_authentication_csrf
Value: MTcxMDM5MDEwNHxEWDhFQVFMX2dBQUJFQUVRQUFBLV80QUFBUVp6ZEhKcGJtY01CZ0FFWTNOeVpnWnpkSEpwYm1jTUlnQWdNV1JoTlRGa016UXpPREkwTkdWbU4yRm1PRGt5Wmpkak9EZ3lNRFkxWmpNPXzBMkir6UqsYhImr8JY8gPrFbxEdpFvFV8aeibQxMIbAQ==
nordaccount.com/ Name: sessions_bag
Value: MTcxMDM5MDEwNXxHWDhEQVFFRFFtRm5BZi1BQUFFQkFRUlZWVWxFQVF3QUFBQXBfNEFCSkdVd1l6YzBNMk14TFRkaFpEa3RORGcyWkMwNFlUaG1MVFl4TjJWbVlXWTFOVFkwWXdBPXxhA_izMi9o0WlfRiQVGLuiE9EOPF_1tNrnKJsR9u5PTA==
nordaccount.com/ Name: request
Value: 16c0a3ec-4bc7-4dd5-becf-98ee1b6c0145
nordaccount.com/ Name: csrf
Value: yPgQxqTgPBmBXlpuVfVoUdyFbyjwBwSm
.nordaccount.com/ Name: nv_tri
Value: TC_39830997837113946_1710390105615
.nordaccount.com/ Name: cf_clearance
Value: pDx6YBTA2oadwDzYl6.CRkohAZ59s3Ihhiaxf1LV8zs-1710390105-1.0.1.1-KduBFc4l9oGNEpOEdjM0nQhw6ysUg_Oup7OUiP45E7xUIeakWVPOnQM9opHp6gaD0loRgla.ASPwVX55cQy3iQ
.nordaccount.com/ Name: font-css-en
Value: true
.nordaccount.com/ Name: nv_trs
Value: 1710390105616_1710390105982_1_2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-gateway.nordaccount.com
auth.nordaccount.com
d.nordaccount.com
debug.nordsec.com
links.nordvpn.com
my.nordaccount.com
nordaccount.com
s1.nordaccount.com
s1.nordcdn.com
static.cloudflareinsights.com
104.19.159.190
2606:4700:4400::ac40:9937
2606:4700:4400::ac40:9a46
2606:4700::6810:5049
2606:4700::6811:cfed
06bb1c20b09262acbdeed22c5d28d4fe49a5c1dd07fc0fb5842f9333daf87977
0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41
19fb0add43c51d6a0073ab390ace41c76cf978108c247718f720bd2419768802
25aed97aca736ba96a0de3e0b2639b1d59efb90c699a0d8c04b5358414c6577a
2f321530a1aca1c8f24a85e607ea85498da8d29f7cb9e4f9637b8edf660e1514
2f8f7762bff87718049b92c138fd31263ea7fd62995b9662142b9259325a1316
388cff5cc34ac3845f0e50d43dcf6e1803c0db1397faaab2e623ebfb2a1b262b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
530f313f15ddbdfd3c69c05cab4a3c1f657138fc1fc1ff254f78a69a7d2e492a
5a8eb7cefe4daebe918ab075812477c950adf01baefdae4f532c0a207cdb9c8c
60fdec35ee60c58dcbcdc6e17aad202ab7daa6a06653bf625f1c1fab95ebd706
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
7081f2c99b033822b71cc45773ed5d59f8a7ccbed70cb8b19bcd8e08868fd658
8017dde5fd246b604dc50ee5dd616f508d497e53d4941ccbdc17f0de39a79350
8add00a7281d4aef342cd778ba5df52ff82392a6d53075f8ed696e577eb0d10f
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62
9d3fc1037432e0e47b34528269e5e49f8686a9b4f3744ff001f824de3c182c92
a24cfeec79e34fba012d21bfaae0dcace06d50c2895b73836e1722d97029158e
ae729ce923ef18b3ec13e5e0b2dd2384278efbe3fec807fb99bcf9e31407c4b0
be3cc393f904a7a9ea5fe28d5df2181898e38b658de5821a693377c522cd04d6
c6e45ac928c5941248dce77854b50d385d92abab677a9bb116a73e9d1667afda
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3464fb401f81da62fe7cec606c7bae3ebe62e6b56100216a8d40b417fa52dae