Submitted URL: https://api.nordpass.com/v1/users/oauth/login-redirect?attempt=e66a09f7-2420-40ea-8ef3-3f39695a6ab9
Effective URL: https://nordaccount.com/product/nordpass/login/error/?code=2065&step=login-redirect
Submission: On September 15 via api from GB — Scanned from GB

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 2606:4700:4400::6812:21ba, located in United States and belongs to CLOUDFLARENET, US. The main domain is nordaccount.com. The Cisco Umbrella rank of the primary domain is 184703.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on February 28th 2023. Valid for: a year.
This is the only time nordaccount.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.64.146.18 13335 (CLOUDFLAR...)
1 13 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.19.159.190 13335 (CLOUDFLAR...)
20 7
Apex Domain
Subdomains
Transfer
16 nordaccount.com
nordaccount.com — Cisco Umbrella Rank: 184703
s1.nordaccount.com — Cisco Umbrella Rank: 300689
api-gateway.nordaccount.com — Cisco Umbrella Rank: 295711
324 KB
2 nordvpn.com
tracy.nordvpn.com — Cisco Umbrella Rank: 186144
572 B
1 nordcdn.com
s1.nordcdn.com — Cisco Umbrella Rank: 156286
105 KB
1 nordsec.com
debug.nordsec.com — Cisco Umbrella Rank: 279874
270 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1118
7 KB
1 nordpass.com
api.nordpass.com — Cisco Umbrella Rank: 72590
290 B
20 6
Domain Requested by
10 s1.nordaccount.com nordaccount.com
s1.nordaccount.com
5 nordaccount.com 1 redirects s1.nordaccount.com
nordaccount.com
2 tracy.nordvpn.com s1.nordaccount.com
1 s1.nordcdn.com s1.nordaccount.com
1 api-gateway.nordaccount.com s1.nordaccount.com
1 debug.nordsec.com s1.nordaccount.com
1 static.cloudflareinsights.com nordaccount.com
1 api.nordpass.com 1 redirects
20 8

This site contains links to these domains.

Domain
my.nordaccount.com
Subject | Issuer | Validity | Valid
*.nordaccount.com | AlphaSSL CA - SHA256 - G4 | 2023-02-28 - 2024-03-31 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year
*.nordcdn.com | AlphaSSL CA - SHA256 - G4 | 2023-02-28 - 2024-03-31 | a year
*.nordvpn.com | AlphaSSL CA - SHA256 - G2 | 2022-09-12 - 2023-10-14 | a year

This page contains 2 frames:

Primary Page: https://nordaccount.com/product/nordpass/login/error/?code=2065&step=login-redirect
Frame ID: 71738EA9FFF924B6CD0F2B1427BE3F57
Requests: 19 HTTP requests in this frame

Frame: https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js
Frame ID: A9BCC23E51E6D56CEAE8830D52C26E44
Requests: 2 HTTP requests in this frame

Page Title

Quick, easy, and secure login with Nord Account.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

20 Requests
95 % HTTPS
71 % IPv6
6 Domains
8 Subdomains
7 IPs
2 Countries
505 kB Transfer
2028 kB Size
10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.nordpass.com/v1/users/oauth/login-redirect?attempt=e66a09f7-2420-40ea-8ef3-3f39695a6ab9 HTTP 302
    https://nordaccount.com/product/nordpass/login/error/?code=2065&step=login-redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nordaccount.com/product/nordpass/login/error/
Redirect Chain
  • https://api.nordpass.com/v1/users/oauth/login-redirect?attempt=e66a09f7-2420-40ea-8ef3-3f39695a6ab9
  • https://nordaccount.com/product/nordpass/login/error/?code=2065&step=login-redirect
8 KB
4 KB
Document
General
Full URL
https://nordaccount.com/product/nordpass/login/error/?code=2065&step=login-redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
832cb1d3d22a3cca9fb967a511aaacb3165320904f5f5bd40081e94a0abac6b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
80706c16cef023bb-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 15 Sep 2023 11:10:16 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding, Cookie
x-frame-options
DENY

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
80706c14eac12196-MAN
content-type
text/html; charset=UTF-8
date
Fri, 15 Sep 2023 11:10:16 GMT
location
https://nordaccount.com/product/nordpass/login/error/?code=2065&step=login-redirect
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-request-id
65043B97-03D71DA27AE1-383-AC10206801BB
index.985de177e5354f505201.js
s1.nordaccount.com/assets/1.166.2/
31 KB
12 KB
Script
General
Full URL
https://s1.nordaccount.com/assets/1.166.2/index.985de177e5354f505201.js
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/product/nordpass/login/error/?code=2065&step=login-redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a19231fa5290a8689d127e4660c8fc34ecd4569a3bb993be1c7d0c8e98e267d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 10:59:45 GMT
server
cloudflare
age
3567
etag
W/"64fef321-7c9e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80706c18b9e723bb-LHR
expires
Sat, 14 Sep 2024 11:10:16 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/product/nordpass/login/error/?code=2065&step=login-redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
Origin
https://nordaccount.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:16 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
80706c192e6b48c7-LHR
9123.4ff3773f3f8334f5193a.css
s1.nordaccount.com/assets/1.166.2/
887 KB
82 KB
Stylesheet
General
Full URL
https://s1.nordaccount.com/assets/1.166.2/9123.4ff3773f3f8334f5193a.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/index.985de177e5354f505201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874e1bc62c8ed3d71dcef74cb2fd12c4e0f9d4766c78e96f3c40a8ebe79efd61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 10:28:11 GMT
server
cloudflare
age
3567
etag
W/"64feebbb-dddbf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80706c190a8f23bb-LHR
expires
Sat, 14 Sep 2024 11:10:16 GMT
9123.chunk.4ff3773f3f8334f5193a.js
s1.nordaccount.com/assets/1.166.2/
746 KB
193 KB
Script
General
Full URL
https://s1.nordaccount.com/assets/1.166.2/9123.chunk.4ff3773f3f8334f5193a.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/index.985de177e5354f505201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
015ee42b063d55021a00919477c2e021fcffbe2c0ee1e430709b81c41d359d46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 10:28:11 GMT
server
cloudflare
age
3567
etag
W/"64feebbb-ba842"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80706c191a9623bb-LHR
expires
Sat, 14 Sep 2024 11:10:16 GMT
5489.cf10f93decfb7f29dcfd.css
s1.nordaccount.com/assets/1.166.2/
6 KB
2 KB
Stylesheet
General
Full URL
https://s1.nordaccount.com/assets/1.166.2/5489.cf10f93decfb7f29dcfd.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/index.985de177e5354f505201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
845b8e7af41550cbf09c8313c14c69bf06e9181a70f2c6fc6832895b5ce99167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 10:59:45 GMT
server
cloudflare
age
3567
etag
W/"64fef321-1626"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80706c191a9b23bb-LHR
expires
Sat, 14 Sep 2024 11:10:16 GMT
5489.chunk.cf10f93decfb7f29dcfd.js
s1.nordaccount.com/assets/1.166.2/
101 KB
20 KB
Script
General
Full URL
https://s1.nordaccount.com/assets/1.166.2/5489.chunk.cf10f93decfb7f29dcfd.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/index.985de177e5354f505201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12df6ff00d2402dce7cff7577f990e2903ef973fbcaec3e64de75f9a8a5d3d1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 10:59:45 GMT
server
cloudflare
age
3567
etag
W/"64fef321-19451"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80706c191a9d23bb-LHR
expires
Sat, 14 Sep 2024 11:10:16 GMT
/
debug.nordsec.com/api/7/envelope/
2 B
270 B
Fetch
General
Full URL
https://debug.nordsec.com/api/7/envelope/?sentry_key=74d9a6c9eb9e4ae7a1b4ac941af3767c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.68.0
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/9123.chunk.4ff3773f3f8334f5193a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nordaccount.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Sep 2023 11:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cf-ray
80706c1adbe923b2-LHR
content-length
2
features
api-gateway.nordaccount.com/v1/tracking/
300 B
775 B
Fetch
General
Full URL
https://api-gateway.nordaccount.com/v1/tracking/features
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/9123.chunk.4ff3773f3f8334f5193a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
025f521428a69660970fc0009e0ee8fe3d8b77877a71396386fcab102a575e8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nordaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
content-type
application/json
access-control-allow-origin
https://nordaccount.com
access-control-allow-credentials
true
cf-ray
80706c1aea5fdd7f-LHR
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
en-woff2.css
s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/
139 KB
105 KB
XHR
General
Full URL
https://s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/en-woff2.css
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/9123.chunk.4ff3773f3f8334f5193a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cfed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Mar 2023 13:47:21 GMT
server
cloudflare
age
2191
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
80706c1b1d3e7731-LHR
expires
Tue, 19 Mar 2024 11:10:16 GMT
main.js
nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/ Frame A9BC
Redirect Chain
  • https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js
7 KB
3 KB
Script
General
Full URL
https://nordaccount.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js
Protocol
H2
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
affac8d81e1f6cb353a07645e1c9153a7189f90cda96ddbcb35d7037db551229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
80706c1afdfd23bb-LHR

Redirect headers

date
Fri, 15 Sep 2023 11:10:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js
cache-control
max-age=300, public
cf-ray
80706c1aad6323bb-LHR
rum
nordaccount.com/cdn-cgi/
0
164 B
XHR
General
Full URL
https://nordaccount.com/cdn-cgi/rum?
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/9123.chunk.4ff3773f3f8334f5193a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nordaccount.com/product/nordpass/login/error/?code=2065&step=login-redirect
accept-language
en-GB,en;q=0.9
baggage
sentry-environment=production,sentry-release=na%401.166.2,sentry-public_key=74d9a6c9eb9e4ae7a1b4ac941af3767c,sentry-trace_id=89918e90acde498da9923076283ed9e0,sentry-sample_rate=0.1,sentry-sampled=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
sentry-trace
89918e90acde498da9923076283ed9e0-aa79e4f3d7916961-0
content-type
application/json

Response headers

date
Fri, 15 Sep 2023 11:10:16 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://nordaccount.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
80706c1abd7823bb-LHR
80706c16cef023bb
nordaccount.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A9BC
0
256 B
XHR
General
Full URL
https://nordaccount.com/cdn-cgi/challenge-platform/h/g/jsd/r/80706c16cef023bb
Requested by
Host: nordaccount.com
URL: https://nordaccount.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 Sep 2023 11:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
cf-ray
80706c1c0fed23bb-LHR
content-type
text/plain; charset=UTF-8
3298.chunk.eadcf4c4e762a6d18c7c.js
s1.nordaccount.com/assets/1.166.2/
9 KB
3 KB
Script
General
Full URL
https://s1.nordaccount.com/assets/1.166.2/3298.chunk.eadcf4c4e762a6d18c7c.js
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/index.985de177e5354f505201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ed8c175d280eddb31a4b0563251355b6bb2b59b55b870dd1aa3ba140be884fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 10:28:11 GMT
server
cloudflare
age
2625
etag
W/"64feebbb-22d7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80706c1c383923bb-LHR
expires
Sat, 14 Sep 2024 11:10:17 GMT
collect
tracy.nordvpn.com/v1/ Frame
0
0
Preflight
General
Full URL
https://tracy.nordvpn.com/v1/collect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordaccount.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-max-age
600
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80706c1cb8e00745-MAN
content-length
0
date
Fri, 15 Sep 2023 11:10:17 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
collect
tracy.nordvpn.com/v1/
0
572 B
Ping
General
Full URL
https://tracy.nordvpn.com/v1/collect
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/9123.chunk.4ff3773f3f8334f5193a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 Sep 2023 11:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
600
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://nordaccount.com
access-control-allow-credentials
true
cf-ray
80706c1ddd02220c-MAN
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length
0
x-request-id
7c732a4581332bebe39d9c8c35cb9727
truncated
/
33 KB
33 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f679d7185c235059b2dc86033e7f155e6f9d1cd0116336bafae9bfb6ec51c0d

Request headers

Referer
Origin
https://nordaccount.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/
36 KB
36 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2635b90a24a19aec8e6e69e8361d52e4df8818a22addddf1d93f1e5c13e5997

Request headers

Referer
Origin
https://nordaccount.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
moon.svg
s1.nordaccount.com/media/1.2050.0/images/account/global/icons/16/
213 B
602 B
Fetch
General
Full URL
https://s1.nordaccount.com/media/1.2050.0/images/account/global/icons/16/moon.svg
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/9123.chunk.4ff3773f3f8334f5193a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edcd294d9ffe82ca9eb36f6d1164eefdd52bac77d2611ec41ece47fe394a06e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 09:56:22 GMT
server
cloudflare
age
96131
etag
W/"64dc9d46-d5"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
80706c1cfd81dd7f-LHR
expires
Mon, 16 Oct 2023 11:10:17 GMT
globe-language.svg
s1.nordaccount.com/media/1.2050.0/images/account/global/icons/16/
474 B
598 B
Fetch
General
Full URL
https://s1.nordaccount.com/media/1.2050.0/images/account/global/icons/16/globe-language.svg
Requested by
Host: s1.nordaccount.com
URL: https://s1.nordaccount.com/assets/1.166.2/9123.chunk.4ff3773f3f8334f5193a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7939b1e53260464e4cf5a9d6d13b25e7086ac37e4abb90399023f7cba4b107a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 09:56:22 GMT
server
cloudflare
age
96194
etag
W/"64dc9d46-1da"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
80706c1cfd86dd7f-LHR
expires
Mon, 16 Oct 2023 11:10:17 GMT
nordpass.svg
s1.nordaccount.com/media/1.2050.0/images/account/global/logos/horizontal/
3 KB
1 KB
Image
General
Full URL
https://s1.nordaccount.com/media/1.2050.0/images/account/global/logos/horizontal/nordpass.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d84f9eae9d803a1e84e64538c990e00ea0052a516bac8944f701dad503591b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 09:56:22 GMT
server
cloudflare
age
93774
etag
W/"64dc9d46-c50"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
80706c1d098323bb-LHR
expires
Mon, 16 Oct 2023 11:10:17 GMT
profile-error.svg
s1.nordaccount.com/media/1.2050.0/images/account/global/icons/48/
1 KB
688 B
Image
General
Full URL
https://s1.nordaccount.com/media/1.2050.0/images/account/global/icons/48/profile-error.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b8d12dc03eed31fc31b719cc33e539a848d34a596181df654209eb4c29dab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 11:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 09:56:22 GMT
server
cloudflare
age
89559
etag
W/"64dc9d46-4bf"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
80706c1d098523bb-LHR
expires
Mon, 16 Oct 2023 11:10:17 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
function| getCookie
boolean| isDark
object| isDarkCookie
string| assetsBasePath
object| nordAppData
object| _global
object| _sentryDebugIds
string| _sentryDebugIdIdentifier
object| SENTRY_RELEASE
object| webpackChunk_nord_account_client
object| regeneratorRuntime
object| _growthbook
object| tracy
object| __SENTRY__
object| __cfBeacon

10 Cookies

Domain/Path Name / Value
api.nordpass.com/v1/users/oauth Name: NordPassSecurityCookie
Value: 36cdcc85-c8f5-481b-adfd-51bb8be113cb
nordaccount.com/ Name: csrf
Value: 4PFmATb4RtZ77ZBh8kfjKlDW2TWANpf4
nordaccount.com/ Name: sessions_bag
Value: MTY5NDc3NjIxNnxHdi1CQXdFQkEwSmhad0hfZ2dBQkFRRUVWVlZKUkFFTUFBQUFLZi1DQVNRek9HTmxNV013WkMweE1qUXdMVFJtWVRFdE9HVmxNQzAwTVdFMU5ETmlPR0UxWmpZQXznHatVN6blSsJzf9YT1auJuvKhPWKA17d_6k6SMYOnQQ==
nordaccount.com/ Name: request
Value: 7a174248-1708-47a2-9c4f-1d1ea9ef1a1c
.nordaccount.com/ Name: __cf_bm
Value: XwVxK1rqN9MPDrEUH7thvm5R6lmyAff3jFh6m5g62yg-1694776216-0-Ac5yB/jx5/7CkuTsFrwP4rhgM9pj3IxuQvMMUNf/Ii9Nw043s7FR5DGrXOJmI4bf6t7KHFxahDUcuBT2CeEKz1vKNa/VpY1zPvHOCFhoxJgl
.nordaccount.com/ Name: nv_tri
Value: TC_031588539594217924_1694776216638
.nordaccount.com/ Name: font-css-en
Value: true
nordaccount.com/ Name: nv_trs
Value: 1694776216639_1694776216975_0_0
.nordaccount.com/ Name: cf_clearance
Value: mLzm75T0ea4gVI8g5jrEYz2BL2WCr2E.hSY3.iItlpI-1694776217-0-1-eda8f6ab.1cdcc2b.baa9a94b-0.2.1694776217
.nordvpn.com/ Name: __cf_bm
Value: rdek6SEjg1JPebs7UXNNU3JcDJj3fIt2p_L5QtKTwfo-1694776217-0-AXlfaCLh6UyderkY3k5GzudRPIlmpUhjMsb4puSujmysrWLdT7OSbKxaV2B7zVVUX1Te6tNASvwn4texQ6v38xA=

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
