nordaccount.com Open in urlscan Pro
2606:4700:4400::ac40:9a46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nordaccount.com/login/identifier?challenge=1%7cd6e73573a4a942a684c34347ad4eefdd
Submission: On December 25 via api (December 25th 2023, 3:40:54 pm UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 28 HTTP transactions. The main IP is 2606:4700:4400::ac40:9a46, located in United States and belongs to CLOUDFLARENET, US. The main domain is nordaccount.com. The Cisco Umbrella rank of the primary domain is 219668.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on February 28th 2023. Valid for: a year.

This is the only time nordaccount.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:440... 2606:4700:4400::ac40:9a46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:440... 2606:4700:4400::6812:21ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d0ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.208.203 104.16.208.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	7

15 2606:4700:4400::ac40:9a46 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nordaccount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.nordaccount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::6812:21ba (United States)

ASN13335 (CLOUDFLARENET, US)

s1.nordaccount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-gateway.nordaccount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d0ed (United States)

ASN13335 (CLOUDFLARENET, US)

s1.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.208.203 (None, )

ASN13335 (CLOUDFLARENET, US)

tracy.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22c9 (United States)

ASN13335 (CLOUDFLARENET, US)

debug.nordsec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	nordaccount.com 1 redirects nordaccount.com — Cisco Umbrella Rank: 219668 s1.nordaccount.com — Cisco Umbrella Rank: 354552 api-gateway.nordaccount.com — Cisco Umbrella Rank: 367137	354 KB
4	nordvpn.com tracy.nordvpn.com — Cisco Umbrella Rank: 201937	1 KB
1	nordcdn.com s1.nordcdn.com — Cisco Umbrella Rank: 157093	105 KB
1	nordsec.com debug.nordsec.com — Cisco Umbrella Rank: 320454 Failed	275 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
28	5

	Domain	Requested by
15	s1.nordaccount.com	nordaccount.com s1.nordaccount.com
5	nordaccount.com	1 redirects nordaccount.com s1.nordaccount.com
4	tracy.nordvpn.com	s1.nordaccount.com
1	s1.nordcdn.com	s1.nordaccount.com
1	api-gateway.nordaccount.com	s1.nordaccount.com
1	debug.nordsec.com	s1.nordaccount.com
1	static.cloudflareinsights.com	nordaccount.com
28	7

This site contains links to these domains. Also see Links.

Domain
my.nordaccount.com

Subject Issuer	Validity	Valid
*.nordaccount.com AlphaSSL CA - SHA256 - G4	`2023-02-28` - `2024-03-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.nordcdn.com AlphaSSL CA - SHA256 - G4	`2023-02-28` - `2024-03-31`	a year	crt.sh
*.nordvpn.com AlphaSSL CA - SHA256 - G4	`2023-09-18` - `2024-10-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://nordaccount.com/login/identifier?challenge=1%7cd6e73573a4a942a684c34347ad4eefdd
Frame ID: 84D46D7FCC805E0C2A5D5AF050719208
Requests: 26 HTTP requests in this frame

Frame: https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 3443596B21549CDA388AD98A7DE1974D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Quick, easy, and secure login with Nord Account.

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

28
Requests

93 %
HTTPS

83 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

536 kB
Transfer

2130 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://my.nordaccount.com/legal/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

28 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request identifier Show response
nordaccount.com/login/ 8 KB
5 KB 245ms
171ms Document
text/html 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordaccount.com/login/identifier?challenge=1%7cd6e73573a4a942a684c34347ad4eefdd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8220076c7cb9c1fb50d78b1e84d7a276e3b5acb316f69d10f4d9385765f03e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 83b22f44a9c7912b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 15:40:48 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding, Cookie
x-frame-options: DENY

GET
H2 200 index.490b2ae1e89974279864.js Show response
s1.nordaccount.com/assets/1.185.1/ 33 KB
12 KB 88ms
66ms Script
application/javascript 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/assets/1.185.1/index.490b2ae1e89974279864.js

Requested by

Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=1%7cd6e73573a4a942a684c34347ad4eefdd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50bd26e4f83fa62af67961bfa7d51427bd8400274cceeb69b9445bb4ed2faef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 13:19:37 GMT
server: cloudflare
age: 2248
etag: W/"6579af69-8354"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83b22f45fb6b912b-FRA
expires: Tue, 24 Dec 2024 15:40:48 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 130ms
81ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=1%7cd6e73573a4a942a684c34347ad4eefdd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin: https://nordaccount.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83b22f462b024d6d-FRA

GET
H2 200 434.ace3079770de4526cb42.css
s1.nordaccount.com/assets/1.185.1/ 909 KB
84 KB 96ms
40ms Stylesheet
text/css 2606:4700:4400::6812:21ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/assets/1.185.1/434.ace3079770de4526cb42.css

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/index.490b2ae1e89974279864.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6e45ac928c5941248dce77854b50d385d92abab677a9bb116a73e9d1667afda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://nordaccount.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 13:19:37 GMT
server: cloudflare
age: 3471
etag: W/"6579af69-e335f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83b22f46e9d79153-FRA
expires: Tue, 24 Dec 2024 15:40:49 GMT

GET
H2 200 434.chunk.ace3079770de4526cb42.js Show response
s1.nordaccount.com/assets/1.185.1/ 779 KB
201 KB 46ms
43ms Script
application/javascript 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/assets/1.185.1/434.chunk.ace3079770de4526cb42.js

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/index.490b2ae1e89974279864.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b745016b0655afa1228855a209f34fafc58e3af072ca97905322e967377fc48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 13:19:37 GMT
server: cloudflare
age: 1815
etag: W/"6579af69-c2bc0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83b22f469c4d912b-FRA
expires: Tue, 24 Dec 2024 15:40:49 GMT

GET
H2 200 1668.72727fc2b0e69d7fe27d.css
s1.nordaccount.com/assets/1.185.1/ 8 KB
3 KB 85ms
32ms Stylesheet
text/css 2606:4700:4400::6812:21ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/assets/1.185.1/1668.72727fc2b0e69d7fe27d.css

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/index.490b2ae1e89974279864.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dee19d1dc76fb8edf65e220a32852b5deb3322201e86862aadff17d93db53473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://nordaccount.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 13:19:37 GMT
server: cloudflare
age: 3471
etag: W/"6579af69-1fc8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83b22f46e9db9153-FRA
expires: Tue, 24 Dec 2024 15:40:49 GMT

GET
H2 200 1668.chunk.72727fc2b0e69d7fe27d.js Show response
s1.nordaccount.com/assets/1.185.1/ 88 KB
19 KB 36ms
34ms Script
application/javascript 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/assets/1.185.1/1668.chunk.72727fc2b0e69d7fe27d.js

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/index.490b2ae1e89974279864.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

504e1af1407d652def59c0147654b615dec65a66ca2cbc5a5fd961f3bd62bbe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 13:19:37 GMT
server: cloudflare
age: 1411
etag: W/"6579af69-15ea8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83b22f469c52912b-FRA
expires: Tue, 24 Dec 2024 15:40:49 GMT

GET
H2

200

main.js Show response
nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 3443
Redirect Chain

https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
3 KB

33ms
27ms

Script
application/javascript

2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: nordaccount.com
URL: https://nordaccount.com/login/identifier?challenge=1%7cd6e73573a4a942a684c34347ad4eefdd

Protocol

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12286c601738ed120aac4654b47444fd413927d013c0ab25b28af8e5916eaea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83b22f473d19912b-FRA

Redirect headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 83b22f46cc94912b-FRA

POST /
debug.nordsec.com/api/7/envelope/ 0
0

GET
H2 200 features Show response
api-gateway.nordaccount.com/v1/tracking/ 17 B
519 B 175ms
154ms Fetch
application/json 2606:4700:4400::6812:21ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-gateway.nordaccount.com/v1/tracking/features

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/434.chunk.ace3079770de4526cb42.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530f313f15ddbdfd3c69c05cab4a3c1f657138fc1fc1ff254f78a69a7d2e492a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nordaccount.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
content-type: application/json
access-control-allow-origin: https://nordaccount.com
access-control-allow-credentials: true
cf-ray: 83b22f482b399153-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 17

POST
H2 204 rum Show response
nordaccount.com/cdn-cgi/ 0
141 B 27ms
27ms XHR
text/plain 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordaccount.com/cdn-cgi/rum?

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/434.chunk.ace3079770de4526cb42.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://nordaccount.com/login/identifier?challenge=1%7cd6e73573a4a942a684c34347ad4eefdd
accept-language: de-DE,de;q=0.9
baggage: sentry-environment=production,sentry-release=na%401.185.1,sentry-public_key=74d9a6c9eb9e4ae7a1b4ac941af3767c,sentry-trace_id=f40f96350bd34f3d96bf89621b396929,sentry-sample_rate=0.1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
sentry-trace: f40f96350bd34f3d96bf89621b396929-b6bb360f1176a7cb-1
content-type: application/json

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://nordaccount.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83b22f480e11912b-FRA

POST
H2 200 83b22f44a9c7912b Show response
nordaccount.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3443 0
234 B 59ms
59ms XHR
text/plain 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordaccount.com/cdn-cgi/challenge-platform/h/g/jsd/r/83b22f44a9c7912b

Requested by

Host: nordaccount.com
URL: https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
server: cloudflare
cf-ray: 83b22f489eb3912b-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 en-woff2.css Show response
s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/ 139 KB
105 KB 160ms
43ms XHR
text/css 2606:4700::6811:d0ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/en-woff2.css

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/434.chunk.ace3079770de4526cb42.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d0ed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 13:47:21 GMT
server: cloudflare
age: 4479
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=16070400
cf-ray: 83b22f495b465d92-FRA
expires: Fri, 28 Jun 2024 15:40:49 GMT

GET
H2 200 1696.chunk.427c0e17ec01403c00a0.js Show response
s1.nordaccount.com/assets/1.185.1/ 25 KB
8 KB 34ms
33ms Script
application/javascript 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/assets/1.185.1/1696.chunk.427c0e17ec01403c00a0.js

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/index.490b2ae1e89974279864.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd279a9ba4954296bd7fc0d719edb7780c88c9ddde0b2730e7333c9e178a254d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 13:19:37 GMT
server: cloudflare
age: 2248
etag: W/"6579af69-62bd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83b22f4a1873912b-FRA
expires: Tue, 24 Dec 2024 15:40:49 GMT

GET
H2 200 3960.chunk.6b2c9c52d11a4d6f7847.js Show response
s1.nordaccount.com/assets/1.185.1/ 11 KB
4 KB 33ms
32ms Script
application/javascript 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/assets/1.185.1/3960.chunk.6b2c9c52d11a4d6f7847.js

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/index.490b2ae1e89974279864.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5e34b7054a78350452aae42e24d6dfa1d7224ef907c17158a1107593e47bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 13:19:37 GMT
server: cloudflare
age: 1410
etag: W/"6579af69-2cb8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83b22f4a1875912b-FRA
expires: Tue, 24 Dec 2024 15:40:49 GMT

GET
H2 200 2834.chunk.4c5d3e296af8a4a9d824.js Show response
s1.nordaccount.com/assets/1.185.1/ 12 KB
5 KB 35ms
34ms Script
application/javascript 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/assets/1.185.1/2834.chunk.4c5d3e296af8a4a9d824.js

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/index.490b2ae1e89974279864.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

959633ce530cd7636e7d2ab9ee9a90ecec658397e26b41c6655370b2ef7cd0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 13:19:37 GMT
server: cloudflare
age: 1410
etag: W/"6579af69-31f3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83b22f4a1877912b-FRA
expires: Tue, 24 Dec 2024 15:40:49 GMT

GET
H2 200 8520.35df535f117061d4f5d4.css
s1.nordaccount.com/assets/1.185.1/ 3 KB
1 KB 33ms
33ms Stylesheet
text/css 2606:4700:4400::6812:21ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/assets/1.185.1/8520.35df535f117061d4f5d4.css

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/index.490b2ae1e89974279864.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3987ba9b6da10cff16a8c7f8024e9a3b61c169cb7b53cc1ddbe6e3f85d8fe38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://nordaccount.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 13:19:37 GMT
server: cloudflare
age: 924
etag: W/"6579af69-cce"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83b22f4a1d689153-FRA
expires: Tue, 24 Dec 2024 15:40:49 GMT

GET
H2 200 8520.chunk.35df535f117061d4f5d4.js Show response
s1.nordaccount.com/assets/1.185.1/ 14 KB
5 KB 47ms
46ms Script
application/javascript 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/assets/1.185.1/8520.chunk.35df535f117061d4f5d4.js

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/index.490b2ae1e89974279864.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

208c9c22978026ccd09734d93ab1a156bcec7f0ee768f605c8f3c0c497ef1867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 13:19:37 GMT
server: cloudflare
age: 422
etag: W/"6579af69-3875"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83b22f4a1878912b-FRA
expires: Tue, 24 Dec 2024 15:40:49 GMT

GET
H2 200 google.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/ 993 B
567 B 43ms
43ms Image
image/svg+xml 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/google.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19fb0add43c51d6a0073ab390ace41c76cf978108c247718f720bd2419768802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 14:19:31 GMT
server: cloudflare
age: 40097
etag: W/"657082f3-3e1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 83b22f4a78e4912b-FRA
expires: Thu, 25 Jan 2024 15:40:49 GMT

GET
H2 200 apple.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/ 673 B
556 B 36ms
36ms Image
image/svg+xml 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/24/apple.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae729ce923ef18b3ec13e5e0b2dd2384278efbe3fec807fb99bcf9e31407c4b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 14:19:31 GMT
server: cloudflare
age: 17268
etag: W/"657082f3-2a1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 83b22f4a78e6912b-FRA
expires: Thu, 25 Jan 2024 15:40:49 GMT

GET
DATA 200
OK truncated
/ 33 KB
33 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f679d7185c235059b2dc86033e7f155e6f9d1cd0116336bafae9bfb6ec51c0d

Request headers

Referer
Origin: https://nordaccount.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2635b90a24a19aec8e6e69e8361d52e4df8818a22addddf1d93f1e5c13e5997

Request headers

Referer
Origin: https://nordaccount.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

OPTIONS
H2 204 collect
tracy.nordvpn.com/v1/ Frame 0
0 223ms
143ms Preflight 104.16.208.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracy.nordvpn.com/v1/collect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.208.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nordaccount.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordaccount.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b22f4b1edc2bca-FRA
content-length: 0
date: Mon, 25 Dec 2023 15:40:49 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

OPTIONS
H2 204 collect
tracy.nordvpn.com/v1/ Frame 0
0 224ms
147ms Preflight 104.16.208.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracy.nordvpn.com/v1/collect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.208.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nordaccount.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordaccount.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b22f4b1ed82bca-FRA
content-length: 0
date: Mon, 25 Dec 2023 15:40:49 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

POST
H3 202 collect
tracy.nordvpn.com/v1/ 0
578 B 207ms
164ms Ping
text/plain 104.16.208.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracy.nordvpn.com/v1/collect

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/434.chunk.ace3079770de4526cb42.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.208.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 15:40:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 600
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordaccount.com
access-control-allow-credentials: true
cf-ray: 83b22f4c4c7c3620-FRA
alt-svc: h3=":443"; ma=86400
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0
x-request-id: a2cd0ff519ede02199b597d558c831dc

POST
H3 202 collect
tracy.nordvpn.com/v1/ 0
540 B 205ms
166ms Ping
text/plain 104.16.208.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracy.nordvpn.com/v1/collect

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/434.chunk.ace3079770de4526cb42.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.208.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 15:40:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 600
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nordaccount.com
access-control-allow-credentials: true
cf-ray: 83b22f4c4c7f3620-FRA
alt-svc: h3=":443"; ma=86400
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0
x-request-id: dec4f135f43cc94792366a9c2487f234

GET
H2 200 moon.svg Show response
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/ 557 B
706 B 33ms
33ms Fetch
image/svg+xml 2606:4700:4400::6812:21ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/moon.svg

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/434.chunk.ace3079770de4526cb42.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60fdec35ee60c58dcbcdc6e17aad202ab7daa6a06653bf625f1c1fab95ebd706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 14:19:31 GMT
server: cloudflare
age: 438071
etag: W/"657082f3-22d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 83b22f4aae219153-FRA
expires: Thu, 25 Jan 2024 15:40:49 GMT

GET
H2 200 globe-language.svg Show response
s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/ 1017 B
830 B 36ms
35ms Fetch
image/svg+xml 2606:4700:4400::6812:21ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordaccount.com/media/1.2154.0/images/account/global/icons/16/globe-language.svg

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/434.chunk.ace3079770de4526cb42.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8add00a7281d4aef342cd778ba5df52ff82392a6d53075f8ed696e577eb0d10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 14:19:31 GMT
server: cloudflare
age: 438195
etag: W/"657082f3-3f9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 83b22f4aae249153-FRA
expires: Thu, 25 Jan 2024 15:40:49 GMT

GET
H2 200 nordaccount.svg
s1.nordaccount.com/media/1.2154.0/images/account/global/logos/horizontal/ 3 KB
1 KB 31ms
31ms Image
image/svg+xml 2606:4700:4400::ac40:9a46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordaccount.com/media/1.2154.0/images/account/global/logos/horizontal/nordaccount.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

388cff5cc34ac3845f0e50d43dcf6e1803c0db1397faaab2e623ebfb2a1b262b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 14:19:32 GMT
server: cloudflare
age: 17268
etag: W/"657082f4-a5e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 83b22f4aa925912b-FRA
expires: Thu, 25 Jan 2024 15:40:49 GMT

POST
H2 200 / Show response
debug.nordsec.com/api/7/envelope/ 41 B
275 B 152ms
152ms Fetch
application/json 2606:4700:4400::6812:22c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://debug.nordsec.com/api/7/envelope/?sentry_key=74d9a6c9eb9e4ae7a1b4ac941af3767c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1

Requested by

Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.185.1/434.chunk.ace3079770de4526cb42.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f84fd24b05d347b8d7cf685bb8f2c17dc2503ee94f97685cd0ed8a4192312ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nordaccount.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Dec 2023 15:40:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
cf-ray: 83b22f513e64690f-FRA
content-length: 41

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: debug.nordsec.com
URL: https://debug.nordsec.com/api/7/envelope/?sentry_key=74d9a6c9eb9e4ae7a1b4ac941af3767c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nordaccount.com/	1970-01-20 17:13:25	Name: csrf Value: qfmUXISyuUArJDQFaDjZcybTUxnssSbe
nordaccount.com/	1970-01-21 01:57:55	Name: sessions_bag Value: MTcwMzUxODg0OHxHWDhEQVFFRFFtRm5BZi1BQUFFQkFRUlZWVWxFQVF3QUFBQXBfNEFCSkRNME1qUTJNVFUyTFRVNE1USXROR000TWkwNE9URm1MV1kyTmpZMk5EbG1OVE16T1FBPXzbm3pj74xat2d5u0jpm0Wr3Ckjzv23gio8gd8Trg02ow==
nordaccount.com/	1970-01-20 17:55:10	Name: request Value: b1a3b459-60a0-4592-8da2-d214140c7f19
.nordaccount.com/	1970-01-20 17:12:00	Name: __cf_bm Value: zN.AY_y9DIa0uiuHFPOdUfOut2niNoMlFAFJFdL0PlE-1703518848-1-ATetQxPcpdvi2sTU86MY83soqBrhrnGMqZySe6n6ZbVFH86fyp4ojBGGCJZJ+UU87iM0lra9JyzQ7tag/puCcfa5tY7rh69rRuL1Ql1eWEvo
.nordaccount.com/	1970-01-21 02:47:58	Name: nv_tri Value: TC_44622290290523914_1703518849233
.nordaccount.com/	1970-01-21 01:57:34	Name: cf_clearance Value: lrOyVZRC5ax80jlctJZets4nwTXM78mM6al_J8iKe4g-1703518849-0-2-3762bf7f.b172806.6063e09f-0.2.1703518849
.nordaccount.com/	1970-01-20 17:22:03	Name: font-css-en Value: true
.nordaccount.com/	1970-01-21 02:47:58	Name: nv_trs Value: 1703518849234_1703518849690_1_2
.nordvpn.com/	1970-01-20 17:12:00	Name: __cf_bm Value: ZeyGiBifJay3wz56cXUTAKbUOTe8y.SuycIzViSvOSk-1703518850-1-AWsSjnPielR/iTvfpXS8ue3f4yfSEfIMLSF4dIbw0l626DCAJOZO5w44+5VKMxOh31f+P+2uBX/VSNOiEkaOqac=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://nordaccount.com/login/identifier?challenge=1%7cd6e73573a4a942a684c34347ad4eefdd Message: Access to fetch at 'https://debug.nordsec.com/api/7/envelope/?sentry_key=74d9a6c9eb9e4ae7a1b4ac941af3767c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1' from origin 'https://nordaccount.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://debug.nordsec.com/api/7/envelope/?sentry_key=74d9a6c9eb9e4ae7a1b4ac941af3767c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-gateway.nordaccount.com
debug.nordsec.com
nordaccount.com
s1.nordaccount.com
s1.nordcdn.com
static.cloudflareinsights.com
tracy.nordvpn.com
debug.nordsec.com
104.16.208.203
2606:4700:4400::6812:21ba
2606:4700:4400::6812:22c9
2606:4700:4400::ac40:9a46
2606:4700::6810:3865
2606:4700::6811:d0ed
0b745016b0655afa1228855a209f34fafc58e3af072ca97905322e967377fc48
0e5e34b7054a78350452aae42e24d6dfa1d7224ef907c17158a1107593e47bb6
0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41
12286c601738ed120aac4654b47444fd413927d013c0ab25b28af8e5916eaea0
19fb0add43c51d6a0073ab390ace41c76cf978108c247718f720bd2419768802
208c9c22978026ccd09734d93ab1a156bcec7f0ee768f605c8f3c0c497ef1867
388cff5cc34ac3845f0e50d43dcf6e1803c0db1397faaab2e623ebfb2a1b262b
4f679d7185c235059b2dc86033e7f155e6f9d1cd0116336bafae9bfb6ec51c0d
504e1af1407d652def59c0147654b615dec65a66ca2cbc5a5fd961f3bd62bbe9
530f313f15ddbdfd3c69c05cab4a3c1f657138fc1fc1ff254f78a69a7d2e492a
60fdec35ee60c58dcbcdc6e17aad202ab7daa6a06653bf625f1c1fab95ebd706
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
8220076c7cb9c1fb50d78b1e84d7a276e3b5acb316f69d10f4d9385765f03e9c
8add00a7281d4aef342cd778ba5df52ff82392a6d53075f8ed696e577eb0d10f
8f84fd24b05d347b8d7cf685bb8f2c17dc2503ee94f97685cd0ed8a4192312ce
959633ce530cd7636e7d2ab9ee9a90ecec658397e26b41c6655370b2ef7cd0c1
a3987ba9b6da10cff16a8c7f8024e9a3b61c169cb7b53cc1ddbe6e3f85d8fe38
ae729ce923ef18b3ec13e5e0b2dd2384278efbe3fec807fb99bcf9e31407c4b0
c50bd26e4f83fa62af67961bfa7d51427bd8400274cceeb69b9445bb4ed2faef
c6e45ac928c5941248dce77854b50d385d92abab677a9bb116a73e9d1667afda
dd279a9ba4954296bd7fc0d719edb7780c88c9ddde0b2730e7333c9e178a254d
dee19d1dc76fb8edf65e220a32852b5deb3322201e86862aadff17d93db53473
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2635b90a24a19aec8e6e69e8361d52e4df8818a22addddf1d93f1e5c13e5997

nordaccount.com Open in urlscan Pro 2606:4700:4400::ac40:9a46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

93 %HTTPS

83 %IPv6

5 Domains

7 Subdomains

7 IPs

2 Countries

536 kBTransfer

2130 kBSize

9 Cookies

1 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nordaccount.com Open in urlscan Pro
2606:4700:4400::ac40:9a46 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

93 %
HTTPS

83 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

536 kB
Transfer

2130 kB
Size

9
Cookies

28 HTTP transactions
2 data transactions