urlscan.io logo urlscan.io
SecurityTrails logo

nordaccount.com Open in urlscan Pro
2606:4700:4400::6812:21ba  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://api.nordpass.com/v1/users/oauth/login-redirect?attempt=011ef4ad-5044-4df7-9be2-880f3216614a
Effective URL: https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
Submission: On June 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2606:4700:4400::6812:21ba, located in United States and belongs to CLOUDFLARENET, US. The main domain is nordaccount.com. The Cisco Umbrella rank of the primary domain is 202976.
TLS certificate: Issued by GlobalSign GCC R6 AlphaSSL CA 2023 on March 13th 2024. Valid for: a year.
This is the only time nordaccount.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.18.41.238 13335 (CLOUDFLAR...)
1 6 2606:4700:440... 13335 (CLOUDFLAR...)
12 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:264... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
21 6
1    104.18.41.238 (None, )

ASN13335 (CLOUDFLARENET, US)
api.nordpass.com
6    2606:4700:4400::6812:21ba (United States)

ASN13335 (CLOUDFLARENET, US)
nordaccount.com
d.nordaccount.com
12    2606:4700:4400::ac40:9a46 (United States)

ASN13335 (CLOUDFLARENET, US)
s1.nordaccount.com
d.nordaccount.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2600:9000:2644:9200:6:e337:e340:93a1 (United States)

ASN16509 (AMAZON-02, US)
sb.nordcdn.com
1    2606:4700::6810:9b6f (United States)

ASN13335 (CLOUDFLARENET, US)
s1.nordcdn.com
Apex Domain
Subdomains		 Transfer
18 nordaccount.com
nordaccount.com — Cisco Umbrella Rank: 202976
s1.nordaccount.com — Cisco Umbrella Rank: 367745
d.nordaccount.com — Cisco Umbrella Rank: 360798
378 KB
2 nordcdn.com
sb.nordcdn.com — Cisco Umbrella Rank: 416326
s1.nordcdn.com — Cisco Umbrella Rank: 164037
111 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 951
7 KB
1 nordpass.com
api.nordpass.com — Cisco Umbrella Rank: 57779
583 B
0 nordsec.com Failed
debug.nordsec.com Failed
21 5
Domain Requested by
11 s1.nordaccount.com nordaccount.com
s1.nordaccount.com
5 nordaccount.com 1 redirects nordaccount.com
s1.nordaccount.com
2 d.nordaccount.com s1.nordcdn.com
1 s1.nordcdn.com s1.nordaccount.com
1 sb.nordcdn.com s1.nordaccount.com
1 static.cloudflareinsights.com nordaccount.com
1 api.nordpass.com 1 redirects
0 debug.nordsec.com Failed s1.nordaccount.com
21 8

This site contains links to these domains. Also see Links.

Domain
my.nordaccount.com
Subject Issuer Validity Valid
*.nordaccount.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-03-13 -
2025-04-14		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
nordsecurity.bynder.com
Amazon RSA 2048 M02		 2024-02-06 -
2025-03-06		 a year crt.sh
*.nordcdn.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-03-13 -
2025-04-14		 a year crt.sh

This page contains 2 frames:

Primary Page: https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
Frame ID: F1E47414635629EA4584AE2B3F228750
Requests: 20 HTTP requests in this frame

Frame: https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: D6A15D64425C83EC805E642FE3EE61AF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Quick, easy, and secure login with Nord Account.

Page URL History Show full URLs

  1. https://api.nordpass.com/v1/users/oauth/login-redirect?attempt=011ef4ad-5044-4df7-9be2-880f3216614a HTTP 302
    https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect Page URL

Page Statistics

21
Requests

90 %
HTTPS

83 %
IPv6

5
Domains

8
Subdomains

6
IPs

2
Countries

564 kB
Transfer

2093 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.nordpass.com/v1/users/oauth/login-redirect?attempt=011ef4ad-5044-4df7-9be2-880f3216614a HTTP 302
    https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nordaccount.com/product/nordpass/login/error/
Redirect Chain
  • https://api.nordpass.com/v1/users/oauth/login-redirect?attempt=011ef4ad-5044-4df7-9be2-880f3216614a
  • https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb026c280dabe53dd51b5bcebf8a3025845ab6ea6c0f075227d3282f368ecb2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
89337f4028eb3642-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
credentialless
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 13 Jun 2024 16:36:00 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding, Cookie
x-frame-options
DENY

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
89337f3d088e2685-TXL
content-type
text/html; charset=UTF-8
date
Thu, 13 Jun 2024 16:36:00 GMT
location
https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-request-id
666B1FF0-7FA23A7256F-102-AC10186701BB
index.f1ef246d506ce288db0a.js
s1.nordaccount.com/assets/1.217.0/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.217.0/index.f1ef246d506ce288db0a.js
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efeeac77aac35d9bf6cbf7564e1b06eb031442843d3518a1c08b391043f3224e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 14:30:01 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2803
etag
W/"66670de9-81a8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89337f4469e8bb4d-FRA
expires
Fri, 13 Jun 2025 16:36:01 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nordaccount.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:01 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
89337f4458ef1963-FRA
6957.6f80ff17d1010b348273.css
s1.nordaccount.com/assets/1.217.0/ 		909 KB
111 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.217.0/6957.6f80ff17d1010b348273.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.217.0/index.f1ef246d506ce288db0a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef8f45eb2ed75c9ddca936dd8ab2dffa95a6c0e3f123381f673e3f8079f23fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nordaccount.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 14:08:10 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
944
etag
W/"666708ca-e3352"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89337f4638099c07-FRA
expires
Fri, 13 Jun 2025 16:36:01 GMT
6957.chunk.6f80ff17d1010b348273.js
s1.nordaccount.com/assets/1.217.0/ 		789 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.217.0/6957.chunk.6f80ff17d1010b348273.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.217.0/index.f1ef246d506ce288db0a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03109fae85f6e946a81f9b7ea902b784a3055023a05eca72746844ad76032884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 14:08:10 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2272
etag
W/"666708ca-c52c8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89337f45dc98bb4d-FRA
expires
Fri, 13 Jun 2025 16:36:01 GMT
6496.677af827e82de831dda1.css
s1.nordaccount.com/assets/1.217.0/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.217.0/6496.677af827e82de831dda1.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.217.0/index.f1ef246d506ce288db0a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3617250523fd81cca28325f980b12fdf9e6733c694d787dcd2c8863c3b853377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nordaccount.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 14:30:01 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1739
etag
W/"66670de9-200b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89337f4638189c07-FRA
expires
Fri, 13 Jun 2025 16:36:01 GMT
6496.chunk.677af827e82de831dda1.js
s1.nordaccount.com/assets/1.217.0/ 		85 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.217.0/6496.chunk.677af827e82de831dda1.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.217.0/index.f1ef246d506ce288db0a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e08dc81c216abebb69129b474f0aa56882f5c12267cf8c2b6d3b66c637521a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 14:30:01 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
863
etag
W/"66670de9-155c6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89337f45dc9abb4d-FRA
expires
Fri, 13 Jun 2025 16:36:01 GMT
main.js
nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame D6A1
Redirect Chain
  • https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
Protocol
H2
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e305210229ae4d30a8de9aad68290f35cc4b89979f60f0aa59556c13252dab50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 13 Jun 2024 16:36:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
89337f474d6a3642-FRA

Redirect headers

date
Thu, 13 Jun 2024 16:36:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
89337f461b503642-FRA
content-length
0
89337f4028eb3642
nordaccount.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D6A1 		0
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/challenge-platform/h/g/jsd/r/89337f4028eb3642
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Jun 2024 16:36:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
89337f4a5b383642-FRA
content-length
0
content-type
text/plain; charset=UTF-8
7212.chunk.63f3b5151a5bdeb25388.js
s1.nordaccount.com/assets/1.217.0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.217.0/7212.chunk.63f3b5151a5bdeb25388.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.217.0/index.f1ef246d506ce288db0a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13736ceaebd46b3ff9e72f3139a0abcee67857bb312757e0f2499748cf77172b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 14:08:10 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
210
etag
W/"666708ca-2321"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89337f4afc2bbb4d-FRA
expires
Fri, 13 Jun 2025 16:36:02 GMT
/
debug.nordsec.com/api/7/envelope/ 		0
0
en-woff2
sb.nordcdn.com/m/1f322001e9afbdc5/original/ 		139 KB
106 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sb.nordcdn.com/m/1f322001e9afbdc5/original/en-woff2
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.217.0/6957.chunk.6f80ff17d1010b348273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:9200:6:e337:e340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1470fbce81226e1cf7776b3c45e31fb4cb8d7bf11a1e8c00881b1dcd3c151d37
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 07:45:13 GMT
content-encoding
gzip
via
1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P6
age
31849
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-disposition
attachment;filename="en-woff2.css"
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
text/css
access-control-allow-origin
*
x-api-correlation-id
beab9545-a268-9290-5a91-3032e4cec5e2
cache-control
public, max-age=172800
permissions-policy
camera=(), geolocation=(), microphone=()
accept-ranges
bytes
x-amz-cf-id
PEUpE9akoWNE1JXGVjFRIjkTqBBr4Hcpm3OgKqo6lGTIXe8jehqnFg==
index.js
s1.nordcdn.com/d/nordaccount/prod/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.nordcdn.com/d/nordaccount/prod/index.js?cu=https://d.nordaccount.com/1/cc&p=nordaccount&cv=1.217.0
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.217.0/6957.chunk.6f80ff17d1010b348273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9b6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3a004930ebcf7abd4a773dabf70828f3ce67b5f515af3dcfce20744f308d96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 04 Jun 2024 07:51:49 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
170513
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
89337f4e7a62bb97-FRA
moon.svg
s1.nordaccount.com/assets/1.217.0/images/icons/16/ 		557 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.217.0/images/icons/16/moon.svg
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.217.0/6957.chunk.6f80ff17d1010b348273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fdec35ee60c58dcbcdc6e17aad202ab7daa6a06653bf625f1c1fab95ebd706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 14:08:10 GMT
server
cloudflare
age
3428
etag
W/"666708ca-22d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89337f4e2cae9c07-FRA
expires
Fri, 13 Jun 2025 16:36:02 GMT
globe-language.svg
s1.nordaccount.com/assets/1.217.0/images/icons/16/ 		1017 B
892 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.217.0/images/icons/16/globe-language.svg
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.217.0/6957.chunk.6f80ff17d1010b348273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8add00a7281d4aef342cd778ba5df52ff82392a6d53075f8ed696e577eb0d10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 14:08:10 GMT
server
cloudflare
age
2390
etag
W/"666708ca-3f9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89337f4e2cb09c07-FRA
expires
Fri, 13 Jun 2025 16:36:02 GMT
nordpass-light.svg
s1.nordaccount.com/assets/1.217.0/images/logos/horizontal/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordaccount.com/assets/1.217.0/images/logos/horizontal/nordpass-light.svg
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d84f9eae9d803a1e84e64538c990e00ea0052a516bac8944f701dad503591b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 14:08:10 GMT
server
cloudflare
age
2559
etag
W/"666708ca-c50"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89337f4e28ccbb4d-FRA
expires
Fri, 13 Jun 2025 16:36:02 GMT
profile-error-light.svg
s1.nordaccount.com/assets/1.217.0/images/icons/48/ 		1 KB
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.nordaccount.com/assets/1.217.0/images/icons/48/profile-error-light.svg
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e2dbe88db6cd34ff83423bd3ceedc2927a8bdf503ed030df58d43d6064770e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 14:08:10 GMT
server
cloudflare
age
470
etag
W/"666708ca-48d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89337f4e28cabb4d-FRA
expires
Fri, 13 Jun 2025 16:36:02 GMT
cc
d.nordaccount.com/1/ 		0
236 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Requested by
Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/d/nordaccount/prod/index.js?cu=https://d.nordaccount.com/1/cc&p=nordaccount&cv=1.217.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Jun 2024 16:36:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
600
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-allow-credentials
true
cf-ray
89337f535c413642-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
0
x-request-id
23b0d033cd414306cd3196346ebcdf5c
cc
d.nordaccount.com/1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.nordaccount.com/1/cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordaccount.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
89337f51eae99c07-FRA
content-length
0
date
Thu, 13 Jun 2024 16:36:03 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
rum
nordaccount.com/cdn-cgi/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nordaccount.com/cdn-cgi/rum?
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.217.0/6957.chunk.6f80ff17d1010b348273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
Referer
https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
baggage
sentry-environment=production,sentry-release=na%401.217.0,sentry-public_key=74d9a6c9eb9e4ae7a1b4ac941af3767c,sentry-trace_id=0914e4eafc8843fdb8df8588218dcd54,sentry-sample_rate=0.1,sentry-sampled=false
sentry-trace
0914e4eafc8843fdb8df8588218dcd54-a70eda07d35f7094-0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:03 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://nordaccount.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
89337f503eac3642-FRA
favicon.png
s1.nordaccount.com/assets/1.217.0/images/favicon/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s1.nordaccount.com/assets/1.217.0/images/favicon/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c714b8e1575f0d6b619055b902c7f0ee01bbd52f2d8c6040c5ecd6c88a50abb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:36:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
858
content-length
1455
last-modified
Mon, 10 Jun 2024 14:08:10 GMT
server
cloudflare
etag
"666708ca-5af"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89337f51ee44bb4d-FRA
expires
Fri, 13 Jun 2025 16:36:03 GMT
truncated
/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6

Request headers

Referer
Origin
https://nordaccount.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62

Request headers

Referer
Origin
https://nordaccount.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
debug.nordsec.com
URL
https://debug.nordsec.com/api/7/envelope/?sentry_key=74d9a6c9eb9e4ae7a1b4ac941af3767c&sentry_version=7&sentry_client=sentry.javascript.react%2F8.7.0

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| getCookie boolean| isDark object| isDarkCookie string| assetsBasePath object| nordAppData object| _global object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| webpackChunk_nord_account_client object| regeneratorRuntime object| __cfBeacon object| __REACT_INTL_CONTEXT__ object| _growthbook object| __SENTRY__ object| tcQueue function| tcSendEvent object| tcConfig object| tcHelpers object| tcContext

11 Cookies

Domain/Path Name / Value
api.nordpass.com/v1/users/oauth Name: NordPassSecurityCookie
Value: f5f7e40f-c577-43ac-81e8-f0860a07036e
.nordpass.com/ Name: __cf_bm
Value: TdtKyLanF3qtEvwTCgj8jieXIlJpbL_K.lT2fx_onm0-1718296560-1.0.1.1-ak4jAWNhUPBlrC8unhWfnPk1hxnW0xu600dDYfWsv79L.GZg31n99k470QRvrZRlcCxLV4wW9y_zm3EH0QiEvA
.nordpass.com/ Name: __cfruid
Value: 4f8826a69cfb53e48d4884728d05a7e8b78c0379-1718296560
nordaccount.com/ Name: csrf
Value: IuKYValhJVgVCIsNZdTiMgmDYCbWAMuq
nordaccount.com/ Name: sessions_bag
Value: MTcxODI5NjU2MHxHWDhEQVFFRFFtRm5BZi1BQUFFQkFRUlZWVWxFQVF3QUFBQXBfNEFCSkRFME1EVmxZV1l4TFdWbE1tVXROR0kwTlMwNU9ETmtMV00wT1RJeE5UWXpObVUyTndBPXzGA3UkijH6OFAnfnbtzysvUGXdXiLGuAFjfNBq78hTnQ==
nordaccount.com/ Name: request
Value: fddf3a97-8246-45b8-ac44-1342cf40926e
.nordaccount.com/ Name: __cf_bm
Value: zenTwag5rsR2iYQrD9x9V3_QDBCCri837lH58x1dhP0-1718296560-1.0.1.1-Gfe4ffocqD15.NLxYxMRqpm2hYDif0J97vhUO7dBChzWB.LFSfpqph9nPGB1RftwuvNwCp3QV0gPVM0MaPUU1qikrKaAMZ6h7ooPZnSs7NI
.nordaccount.com/ Name: cf_clearance
Value: w6rkoLlkHZMT11.xUDmswW8xInBcYt6VPdv_iOR9_04-1718296562-1.0.1.1-HOczWnU2Ji.VKnKYS462sbhLDGwJS1PR6aW12k5uIXl3bpMF3P3YPxWLcsYsPD2VcTTVDd41EgUqOo8MJgKDRw
.nordaccount.com/ Name: nv_tri
Value: TC_057405819677901926_1718296563079
.nordaccount.com/ Name: nv_trs
Value: 1718296563080_1718296563105_1_1
.nordaccount.com/ Name: font-css-en
Value: true

2 Console Messages

Source Level URL
Text
javascript error URL: https://nordaccount.com/product/nordpass/login/error/?code=2085&step=login-redirect
Message:
Access to fetch at 'https://debug.nordsec.com/api/7/envelope/?sentry_key=74d9a6c9eb9e4ae7a1b4ac941af3767c&sentry_version=7&sentry_client=sentry.javascript.react%2F8.7.0' from origin 'https://nordaccount.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://debug.nordsec.com/api/7/envelope/?sentry_key=74d9a6c9eb9e4ae7a1b4ac941af3767c&sentry_version=7&sentry_client=sentry.javascript.react%2F8.7.0
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.nordpass.com
d.nordaccount.com
debug.nordsec.com
nordaccount.com
s1.nordaccount.com
s1.nordcdn.com
sb.nordcdn.com
static.cloudflareinsights.com
debug.nordsec.com
104.18.41.238
2600:9000:2644:9200:6:e337:e340:93a1
2606:4700:4400::6812:21ba
2606:4700:4400::ac40:9a46
2606:4700::6810:4f49
2606:4700::6810:9b6f
03109fae85f6e946a81f9b7ea902b784a3055023a05eca72746844ad76032884
13736ceaebd46b3ff9e72f3139a0abcee67857bb312757e0f2499748cf77172b
1470fbce81226e1cf7776b3c45e31fb4cb8d7bf11a1e8c00881b1dcd3c151d37
1b3a004930ebcf7abd4a773dabf70828f3ce67b5f515af3dcfce20744f308d96
3617250523fd81cca28325f980b12fdf9e6733c694d787dcd2c8863c3b853377
38e2dbe88db6cd34ff83423bd3ceedc2927a8bdf503ed030df58d43d6064770e
60fdec35ee60c58dcbcdc6e17aad202ab7daa6a06653bf625f1c1fab95ebd706
6d84f9eae9d803a1e84e64538c990e00ea0052a516bac8944f701dad503591b9
7e08dc81c216abebb69129b474f0aa56882f5c12267cf8c2b6d3b66c637521a2
7ef8f45eb2ed75c9ddca936dd8ab2dffa95a6c0e3f123381f673e3f8079f23fd
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8add00a7281d4aef342cd778ba5df52ff82392a6d53075f8ed696e577eb0d10f
9c714b8e1575f0d6b619055b902c7f0ee01bbd52f2d8c6040c5ecd6c88a50abb
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6
e305210229ae4d30a8de9aad68290f35cc4b89979f60f0aa59556c13252dab50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efeeac77aac35d9bf6cbf7564e1b06eb031442843d3518a1c08b391043f3224e
fb026c280dabe53dd51b5bcebf8a3025845ab6ea6c0f075227d3282f368ecb2e