Submitted URL: http://evernote.com/register/?upgrade=plus&itemCode=plus-1year&offer=www_pricing_CTA
Effective URL: https://www.evernote.com/Registration.action
Submission: On March 30 via api from CA

Summary

This website contacted 29 IPs in 8 countries across 28 domains to perform 51 HTTP transactions. The main IP is 34.107.165.220, located in United States and belongs to GOOGLE, US. The main domain is www.evernote.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 25th 2018. Valid for: 2 years.
This is the only time www.evernote.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 35.190.29.187 15169 (GOOGLE)
10 34.107.165.220 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 46.228.164.11 56396 (TURN)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 172.217.18.162 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
5 2a03:2880:f11... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 130.211.10.171 15169 (GOOGLE)
1 2a00:1288:f03... 10310 (YAHOO-1)
1 3 31.186.247.145 30282 (AS-INAPCD...)
1 193.0.160.129 54312 (ROCKETFUEL)
1 1 216.58.208.34 15169 (GOOGLE)
1 2 52.211.89.62 16509 (AMAZON-02)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 185.33.223.208 29990 (ASN-APPNEX)
2 4 37.252.172.38 29990 (ASN-APPNEX)
1 1 147.75.102.200 54825 (PACKET)
1 195.181.175.52 60068 (CDN77)
1 23.45.237.36 20940 (AKAMAI-ASN1)
1 72.251.249.9 29791 (VOXEL-DOT...)
1 52.58.138.174 16509 (AMAZON-02)
1 2 52.29.180.59 16509 (AMAZON-02)
1 2 34.95.120.147 15169 (GOOGLE)
1 2 3.127.178.105 16509 (AMAZON-02)
1 34.241.92.164 16509 (AMAZON-02)
2 2 99.81.223.179 16509 (AMAZON-02)
1 104.193.83.156 63124 (IGNITIONO...)
1 2 35.227.248.159 15169 (GOOGLE)
51 29
Domain Requested by
10 www.evernote.com www.evernote.com
5 www.facebook.com www.evernote.com
4 secure.adnxs.com 2 redirects www.evernote.com
3 connect.facebook.net www.evernote.com
connect.facebook.net
3 www.google.de www.evernote.com
3 www.google.com 2 redirects www.evernote.com
3 www.google-analytics.com www.evernote.com
2 pixel.tapad.com 1 redirects www.evernote.com
2 match.adsrvr.org 2 redirects
2 ps.eyeota.net 1 redirects www.evernote.com
2 us-u.openx.net 1 redirects www.evernote.com
2 x.bidswitch.net 1 redirects www.evernote.com
2 ib.adnxs.com 1 redirects www.evernote.com
2 dpm.demdex.net 1 redirects www.evernote.com
2 com-evernote.netmng.com www.evernote.com
com-evernote.netmng.com
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 bat.bing.com www.googletagmanager.com
www.evernote.com
2 evernote.com 2 redirects
1 tradedesk2waycm.netmng.com www.evernote.com
1 beacon.krxd.net www.evernote.com
1 pixel.advertising.com www.evernote.com
1 ce.lijit.com www.evernote.com
1 tags.bluekai.com www.evernote.com
1 load77.exelator.com www.evernote.com
1 loadm.exelator.com 1 redirects
1 image2.pubmatic.com www.evernote.com
1 gcm.netmng.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 p.rfihub.com www.evernote.com
1 ads.yahoo.com www.evernote.com
1 grsm.io www.evernote.com
1 stats.g.doubleclick.net 1 redirects
1 r.turn.com www.evernote.com
1 www.googletagmanager.com www.evernote.com
51 35

This site contains links to these domains. Also see Links.

Domain
evernote.com
Subject Issuer Validity Valid
*.evernote.com
DigiCert SHA2 Secure Server CA
2018-06-25 -
2020-09-27
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.turn.com
DigiCert SHA2 Secure Server CA
2020-03-18 -
2021-04-19
a year crt.sh
www.google.de
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2
2019-04-30 -
2021-04-30
2 years crt.sh
www.googleadservices.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-03-01 -
2020-05-30
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
www.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.grsm.io
AlphaSSL CA - SHA256 - G2
2017-11-20 -
2020-11-20
3 years crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-03-13 -
2020-04-27
a month crt.sh
*.netmng.com
Go Daddy Secure Certificate Authority - G2
2020-02-10 -
2021-02-23
a year crt.sh
*.rfihub.com
DigiCert SHA2 Secure Server CA
2019-08-27 -
2020-08-31
a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA
2019-02-22 -
2021-02-21
2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
1605158521.rsc.cdn77.org
Let's Encrypt Authority X3
2020-01-21 -
2020-04-20
3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2020-01-10 -
2021-04-10
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2019-03-11 -
2020-05-10
a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA
2017-06-14 -
2020-06-18
3 years crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2019-04-17 -
2020-05-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2018-01-04 -
2020-07-09
3 years crt.sh
*.eyeota.net
Let's Encrypt Authority X3
2020-02-10 -
2020-05-10
3 months crt.sh
beacon.krxd.net
DigiCert SHA2 Secure Server CA
2020-01-30 -
2021-01-30
a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA
2019-11-02 -
2020-11-06
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.evernote.com/Registration.action
Frame ID: 66344FF638DDD708E2F89CD1958419E2
Requests: 29 HTTP requests in this frame

Frame: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html
Frame ID: 7B53BDF9528E06606F704B92D6E4A67E
Requests: 20 HTTP requests in this frame

Frame: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/yahooRetargeting.html
Frame ID: DA50F7B45D1E9960A146944DC9C493B7
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://evernote.com/register/?upgrade=plus&itemCode=plus-1year&offer=www_pricing_CTA HTTP 301
    https://evernote.com/register/?upgrade=plus&itemCode=plus-1year&offer=www_pricing_CTA HTTP 301
    https://www.evernote.com/Registration.action Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

51
Requests

100 %
HTTPS

29 %
IPv6

28
Domains

35
Subdomains

29
IPs

8
Countries

682 kB
Transfer

2693 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://evernote.com/register/?upgrade=plus&itemCode=plus-1year&offer=www_pricing_CTA HTTP 301
    https://evernote.com/register/?upgrade=plus&itemCode=plus-1year&offer=www_pricing_CTA HTTP 301
    https://www.evernote.com/Registration.action Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-285778-5&cid=31907294.1585558409&jid=1636075689&gjid=1603729417&_gid=27447461.1585558409&_u=YGBAgEAB~&z=2110913159 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-285778-5&cid=31907294.1585558409&jid=1636075689&_v=j81&z=2110913159 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-285778-5&cid=31907294.1585558409&jid=1636075689&_v=j81&z=2110913159&slf_rd=1&random=2151948451
Request Chain 32
  • https://cm.g.doubleclick.net/pixel?google_nid=netmng&google_cm&google_sc&google_hm=Y3J6Y24yNGVuMTZtaw==&vid=crzcn24en16mk HTTP 302
  • https://gcm.netmng.com/?id=&vid=crzcn24en16mk&google_gid=CAESEHfloFatuNQ21QiTPPCOVqw&google_cver=1 HTTP 302
  • https://www.googleadservices.com/pagead/conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ibOBXqT_JoWkbPv2gbgK&random=1843142174&sscte=1&crd=&gtd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1843142174&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=ibOBXqT_JoWkbPv2gbgK&random=3263278019 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1843142174&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=ibOBXqT_JoWkbPv2gbgK&random=3263278019&ipr=y
Request Chain 33
  • https://dpm.demdex.net/ibs:dpid=640&dpuuid=crzcn24en16mk HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=crzcn24en16mk
Request Chain 35
  • https://ib.adnxs.com/setuid?entity=72&code=crzcn24en16mk HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D72%26code%3Dcrzcn24en16mk
Request Chain 36
  • https://secure.adnxs.com/mapuid?member=6928&user=crzcn24en16mk HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Dcrzcn24en16mk
Request Chain 37
  • https://secure.adnxs.com/mapuid?member=9373&user=crzcn24en16mk HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D9373%26user%3Dcrzcn24en16mk
Request Chain 38
  • https://loadm.exelator.com/load/?p=204&g=330&buid=crzcn24en16mk&j=0 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 42
  • https://x.bidswitch.net/sync?dsp_id=14&user_id=crzcn24en16mk&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=14&user_id=crzcn24en16mk&expires=30
Request Chain 43
  • https://us-u.openx.net/w/1.0/sd?id=537072967&val=crzcn24en16mk HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=crzcn24en16mk
Request Chain 44
  • https://ps.eyeota.net/match?bid=6bmpi0v&uid=crzcn24en16mk HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6bmpi0v&uid=crzcn24en16mk
Request Chain 46
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=su9xcof&ttd_tpi=1&ttd_puid=-1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=su9xcof&ttd_tpi=1&ttd_puid=-1 HTTP 302
  • https://tradedesk2waycm.netmng.com/cm/?buid=-1&id=468d937f-acd3-4e5f-acf2-6aae580c1633
Request Chain 47
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3117&partner_device_id=crzcn24en16mk HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3117&partner_device_id=crzcn24en16mk

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Registration.action
www.evernote.com/
Redirect Chain
  • http://evernote.com/register/?upgrade=plus&itemCode=plus-1year&offer=www_pricing_CTA
  • https://evernote.com/register/?upgrade=plus&itemCode=plus-1year&offer=www_pricing_CTA
  • https://www.evernote.com/Registration.action
18 KB
19 KB
Document
General
Full URL
https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.165.220 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.165.107.34.bc.googleusercontent.com
Software
Evernote/1.0 /
Resource Hash
8dc4ab7a4429a3e2537c3dbf5befd7d529a34d8276d7885129934ec6b434cbbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.evernote.com
:scheme
https
:path
/Registration.action
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
set-cookie
shard=s604; Version=1; Max-Age=3600; Expires=Mon, 30-Mar-2020 09:53:28 GMT; Path=/ JSESSIONID=032D997D9549AB09DAC15159A7EFFE38; Path=/; Secure; HttpOnly web50017PreUserGuid=bd572727-3381-4b19-a719-89d41ae27ee1; Version=1; Domain=.evernote.com; Max-Age=31536000; Expires=Tue, 30-Mar-2021 08:53:28 GMT; Path=/
content-type
text/html;charset=utf-8
content-language
en
date
Mon, 30 Mar 2020 08:53:27 GMT
server
Evernote/1.0
x-app-server
en0-t6lb-haproxy-jr18/shard-reg/en0-ns-604
via
1.1 google
alt-svc
clear

Redirect headers

status
301
content-type
text/html; charset=utf-8
location
https://www.evernote.com/Registration.action
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-cloud-trace-context
a51ddaaeebab9fc221ac1006bf7a9604
date
Mon, 30 Mar 2020 08:53:28 GMT
server
Google Frontend
content-length
79
x-app-server
corpab-t6lb-haproxy-zqn8/be_corpsite_gae/li_corpsite_gae
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
clear
40180495.css
www.evernote.com/ro/L2Y2Y2RkNGJkZmE0YzFiODZmNDQxYzdjMjlmMDcyZTUxMWRkMzQ1MDEuY3Nz/LzkxZjgyYzdiNDFkYTljOWY0NDA2ODY5ZDE5MGM1OTk3Njc4NDE1MS5jc3M/LzRiYzNkNjFkNTY1ZjkxMWQzYzEyOTAxZWRlNWRlMmYxYjI4YzczZmIu...
198 KB
21 KB
Stylesheet
General
Full URL
https://www.evernote.com/ro/L2Y2Y2RkNGJkZmE0YzFiODZmNDQxYzdjMjlmMDcyZTUxMWRkMzQ1MDEuY3Nz/LzkxZjgyYzdiNDFkYTljOWY0NDA2ODY5ZDE5MGM1OTk3Njc4NDE1MS5jc3M/LzRiYzNkNjFkNTY1ZjkxMWQzYzEyOTAxZWRlNWRlMmYxYjI4YzczZmIuY3Nz/40180495.css
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.165.220 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.165.107.34.bc.googleusercontent.com
Software
Evernote/1.0 /
Resource Hash
6485a9dd5fd79eba6f5d95e5bcb57e72e1fa42b6717d20ad8feaa9f70fe64b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
server
Evernote/1.0
x-app-server
en0-t6lb-haproxy-bf72/shard604/en0-ns-604
etag
"474f662d2cd7f200f1264292f65eb40af0aeeaf9"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
status
200
cache-control
public, s-maxage=31536000, max-age=31536000
date
Mon, 30 Mar 2020 08:53:28 GMT
alt-svc
clear
content-length
21720
via
1.1 google
expires
Tue, 30 Mar 2021 08:53:28 GMT
-242472195.css
www.evernote.com/ro/LzkzNmVlZWRiNjA4YWVhOTA3ZTc5ZDAwZTdkNWJjOGM5MzM5MWE2MWQuY3Nz/LzYxMDdhNGMyY2Q1MjIzMTgwMTM3YjQyYmI1MTAyYWFjZTcwYjJkYWIuY3Nz/L2RhYmQ2ZmRlYmRiYzkwNjg3OTBlZTlkZWQ1MjQ4ZmU3YTcxNWViNTI...
40 KB
4 KB
Stylesheet
General
Full URL
https://www.evernote.com/ro/LzkzNmVlZWRiNjA4YWVhOTA3ZTc5ZDAwZTdkNWJjOGM5MzM5MWE2MWQuY3Nz/LzYxMDdhNGMyY2Q1MjIzMTgwMTM3YjQyYmI1MTAyYWFjZTcwYjJkYWIuY3Nz/L2RhYmQ2ZmRlYmRiYzkwNjg3OTBlZTlkZWQ1MjQ4ZmU3YTcxNWViNTIuY3Nz/L2M3YjNiY2RiODRiMzdkMzQ0MjYwNDRmYjA3MTZjYzRiNmQ2ZDExNjAuY3Nz/LzZkMGZjZjlhMGViZDE2M2ZkY2E1NDgxMGY5NmJhZTI0NDllYTExZWQuY3Nz/-242472195.css
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.165.220 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.165.107.34.bc.googleusercontent.com
Software
Evernote/1.0 /
Resource Hash
dcd63232559ec2c4251b0568a877e17ccbdc93eb98040875ada2608a2a014a25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
server
Evernote/1.0
x-app-server
en0-t6lb-haproxy-hck1/shard604/en0-ns-604
etag
"51117adc0b4a4de038e6b85b9a189405b39e3396"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
status
200
cache-control
public, s-maxage=31536000, max-age=31536000
date
Mon, 30 Mar 2020 08:53:28 GMT
alt-svc
clear
content-length
3819
via
1.1 google
expires
Tue, 30 Mar 2021 08:53:28 GMT
gtm.js
www.googletagmanager.com/
80 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSNJHPL
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b7e78c376a5da7904b7deaad02c4a45f820ad49461b983a0dee403bad204606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 08:53:28 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
25947
x-xss-protection
0
last-modified
Mon, 30 Mar 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 Mar 2020 08:53:28 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
893
date
Mon, 30 Mar 2020 08:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Mon, 30 Mar 2020 10:38:35 GMT
GGL_logo_googleg_18.png
www.evernote.com/redesign/OpenID/img/
709 B
901 B
Image
General
Full URL
https://www.evernote.com/redesign/OpenID/img/GGL_logo_googleg_18.png
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.165.220 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.165.107.34.bc.googleusercontent.com
Software
Evernote/1.0 /
Resource Hash
5d618e5f81b5b1e4090207558374777e69c7960bd4f7e2cf9c9450f31e0b7c84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
last-modified
Mon, 23 Mar 2020 21:09:22 GMT
server
Evernote/1.0
x-app-server
en0-t6lb-haproxy-22g8/shard604/en0-ns-604
etag
W/"709-1584997762000"
content-type
image/png
status
200
cache-control
max-age=86400
date
Mon, 30 Mar 2020 08:53:28 GMT
accept-ranges
bytes
alt-svc
clear
content-length
709
expires
Tue, 31 Mar 2020 08:53:28 GMT
beacon
r.turn.com/r/
43 B
490 B
Image
General
Full URL
https://r.turn.com/r/beacon?b2=aX_DqrXQ4nwWAn2YRMQjgzwYXim_R8NWGca_P_PuacUM1fqVBomVmCmzIk7-L2DiZOpLhLfg2J34XE_BfDVUxw&cid=
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 08:53:28 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server
Apache-Coyote/1.1
Content-Type
image/gif
Content-Length
43
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
-1768367214.js
www.evernote.com/ro/L2RjOWVmYTJkNzQ5ODlhNGIxZWNjNjY2NTk3NDdjOGE3NDIwMmRjY2MuanM/L2RjYzUxZWE5ZGUzN2UzYTgwOTliMmMwYWE5Zjg3MGViNGQzNGIwYzYuanM/LzZhNWE1ZjQ4ZjNiNDVkY2YzNzc5ODc1Mzk2MDU5YWM5MWI4NmMyOTYua...
234 KB
72 KB
Script
General
Full URL
https://www.evernote.com/ro/L2RjOWVmYTJkNzQ5ODlhNGIxZWNjNjY2NTk3NDdjOGE3NDIwMmRjY2MuanM/L2RjYzUxZWE5ZGUzN2UzYTgwOTliMmMwYWE5Zjg3MGViNGQzNGIwYzYuanM/LzZhNWE1ZjQ4ZjNiNDVkY2YzNzc5ODc1Mzk2MDU5YWM5MWI4NmMyOTYuanM/LzEwNTU4ZDNlYjgyYWVhMWUxNDBkNWYxNWMwMzQ2ZWVmMzk1MzY2MGQuanM/L2JjYjllOTZiOWIxYmQ5NmI5MmE5YWI3MjA4NDA5NGZiOTk0NWM0NDQuanM/LzZjNTdhOTU4YWUzNjkwOGJjYjM1MGQ0MmM2YmZhMGUyMDliYzIwYTQuanM/-1768367214.js
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.165.220 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.165.107.34.bc.googleusercontent.com
Software
Evernote/1.0 /
Resource Hash
f188f78d66cdef496020c06f84ee83c7d80c529f159f3cab8c2692c7abd73148
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
server
Evernote/1.0
x-app-server
en0-t6lb-haproxy-5dbk/shard604/en0-ns-604
etag
"e2be0a0ac5675958d2e9fec693d86dbd2ea40bb5"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
public, s-maxage=31536000, max-age=31536000
date
Mon, 30 Mar 2020 08:53:28 GMT
alt-svc
clear
content-length
73008
via
1.1 google
expires
Tue, 30 Mar 2021 08:53:28 GMT
i18nMessages.js
www.evernote.com/redesign/global/js/i18n/
906 KB
191 KB
Script
General
Full URL
https://www.evernote.com/redesign/global/js/i18n/i18nMessages.js?version=55085
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.165.220 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.165.107.34.bc.googleusercontent.com
Software
Evernote/1.0 /
Resource Hash
04eaf28def2c7946ef5c3ca86d9018439a4fe145859a3618342170d03d7d52d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 23 Mar 2020 22:22:04 GMT
server
Evernote/1.0
x-app-server
en0-t6lb-haproxy-22g8/shard604/en0-ns-604
etag
W/"927274-1585002124000"
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=86400
date
Mon, 30 Mar 2020 08:53:28 GMT
accept-ranges
bytes
alt-svc
clear
content-length
194637
via
1.1 google
expires
Tue, 31 Mar 2020 08:53:28 GMT
2101847082.js
www.evernote.com/ro/LzEzNTVhZTYwOTY4YTQyOWI5Nzk0YWYzNWI3MGU3Y2E2YmRhYmMxMmUuanM/LzY0NWMyYzlhMGYxYzdlNjUzNzY3NDUxYTI3M2QzZDU2YjkyODE4ODIuanM/LzM1Y2E5YzdjMjE5YjFkZjJkZTA3OTRmNjFiZGM1YWVlYjkxNjgwNTAua...
88 KB
31 KB
Script
General
Full URL
https://www.evernote.com/ro/LzEzNTVhZTYwOTY4YTQyOWI5Nzk0YWYzNWI3MGU3Y2E2YmRhYmMxMmUuanM/LzY0NWMyYzlhMGYxYzdlNjUzNzY3NDUxYTI3M2QzZDU2YjkyODE4ODIuanM/LzM1Y2E5YzdjMjE5YjFkZjJkZTA3OTRmNjFiZGM1YWVlYjkxNjgwNTAuanM/L2JiODU0OTkzNWNkZmMxNTczNTU4MmQyN2VkNDdiM2UyOWE3OGFlYTkuanM/LzcwNzhlOTZhMGUwMGJmOTRhMDI5ZTIxYzNlOWJiMmEzZGQ4ODg3Yy5qcw/LzRiZjBiMmMwMGIzNTEyMDRjNzQzNDM2NzNjYmQ0MTFjM2Y1ZmY4M2EuanM/2101847082.js
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.165.220 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.165.107.34.bc.googleusercontent.com
Software
Evernote/1.0 /
Resource Hash
827ac8fb9a6b7054285af67aece4b08686f8993001054b7df764f0602f36be54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
server
Evernote/1.0
x-app-server
en0-t6lb-haproxy-w5t0/shard604/en0-ns-604
etag
"7f51804a2facb8e790a0680e8d3a85e317c9b839"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
public, s-maxage=31536000, max-age=31536000
date
Mon, 30 Mar 2020 08:53:28 GMT
alt-svc
clear
content-length
31490
via
1.1 google
expires
Tue, 30 Mar 2021 08:53:28 GMT
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=984649333&t=pageview&_s=1&dl=https%3A%2F%2Fwww.evernote.com%2FRegistration.action&dp=%2FRegistration.action&ul=en-us&de=UTF-8&dt=Create%20an%20Evernote%20Account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1636075689&gjid=1603729417&cid=31907294.1585558409&tid=UA-285778-5&_gid=27447461.1585558409&cd7=bd572727-3381-4b19-a719-89d41ae27ee1&z=1963432844
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 23:14:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1676323
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-285778-5&cid=31907294.1585558409&jid=1636075689&gjid=1603729417&_gid=27447461.1585558409&_u=YGBAgEAB~&z=2110913159
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-285778-5&cid=31907294.1585558409&jid=1636075689&_v=j81&z=2110913159
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-285778-5&cid=31907294.1585558409&jid=1636075689&_v=j81&z=2110913159&slf_rd=1&random=2151948451
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-285778-5&cid=31907294.1585558409&jid=1636075689&_v=j81&z=2110913159&slf_rd=1&random=2151948451
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Mar 2020 08:53:28 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Mar 2020 08:53:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-285778-5&cid=31907294.1585558409&jid=1636075689&_v=j81&z=2110913159&slf_rd=1&random=2151948451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/
24 KB
8 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSNJHPL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 08:53:28 GMT
content-encoding
gzip
last-modified
Thu, 19 Mar 2020 02:21:04 GMT
x-msedge-ref
Ref A: E958FCFB41B8431A999E5339BE0C9F5D Ref B: FRAEDGE0718 Ref C: 2020-03-30T08:53:28Z
access-control-allow-origin
*
etag
"0682da95fdd51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7461
conversion_async.js
www.googleadservices.com/pagead/
26 KB
11 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSNJHPL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
c5b1ef448841c8a0f34532d4be5f5656d9eb4eea66e04755c0b64f2662d35eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 08:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
9982
x-xss-protection
0
server
cafe
etag
13837497077581106518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 Mar 2020 08:53:28 GMT
fbevents.js
connect.facebook.net/en_US/
126 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
wybahnH6Fqo73BHZIY9Z5yzP8r246xWn4AP5kjngnWzWbnFrFHI5nM2DhDBdfZuIKFgJUyStd+xn0pAGuNw5ww==
x-fb-trip-id
420120009
date
Mon, 30 Mar 2020 08:53:28 GMT, Mon, 30 Mar 2020 08:53:28 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
tr
www.facebook.com/
44 B
348 B
Image
General
Full URL
https://www.facebook.com/tr?id=1007410362605534&ev=PageView&noscript=1&gtmcb=1181859955
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 30 Mar 2020 08:53:28 GMT, Mon, 30 Mar 2020 08:53:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 30 Mar 2020 08:53:28 GMT
1007410362605534
connect.facebook.net/signals/config/
447 KB
113 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1007410362605534?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4584cb04fe1d2e5071e9aa94451f320044ab16e9ab4f122bb529921db2b3be1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
115042
x-xss-protection
0
pragma
public
x-fb-debug
JUqHtIgtZKejzbw5sJTK2jdJAvdw5kdJTmJE9I897eggT0xjcH6rTpY9Ld2UlHrnae13dAUBk0Bto0tld2zpfw==
x-fb-trip-id
420120009
date
Mon, 30 Mar 2020 08:53:28 GMT, Mon, 30 Mar 2020 08:53:28 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/
0
148 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17001556&Ver=2&mid=3327e91e-1d28-07ed-3efd-375cc0644171&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Create%20an%20Evernote%20Account&p=https%3A%2F%2Fwww.evernote.com%2FRegistration.action&r=&evt=pageLoad&msclkid=N&rn=931232
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
pragma
no-cache
date
Mon, 30 Mar 2020 08:53:28 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: C76923C091FA4476A5BA66F9E3534781 Ref B: FRAEDGE0718 Ref C: 2020-03-30T08:53:28Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
891802871018262
connect.facebook.net/signals/config/
447 KB
112 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/891802871018262?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e55b4e7b92944d3ab1277d91e96e0a9f9b4163563ea4c6ce37ac96d070931798
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
114918
x-xss-protection
0
pragma
public
x-fb-debug
dXxic/jz42gMtW1+UulbTjBaLabf8/Flbd3MfrPRaF7uG2Et5G2BwuevOW6ZwNTRDA4WaSlB6Fli9PsoWU5vcw==
x-fb-trip-id
420120009
date
Mon, 30 Mar 2020 08:53:28 GMT, Mon, 30 Mar 2020 08:53:28 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1007410362605534&ev=PageView&dl=https%3A%2F%2Fwww.evernote.com%2FRegistration.action&rl=&if=false&ts=1585558408761&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585558408760.748385594&it=1585558408719&coo=false&rqm=GET
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 30 Mar 2020 08:53:28 GMT, Mon, 30 Mar 2020 08:53:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 30 Mar 2020 08:53:28 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/984368495/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984368495/?random=1585558408774&cv=9&fst=1585558408774&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.evernote.com%2FRegistration.action&tiba=Create%20an%20Evernote%20Account&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
913a44fb15b251867708b1d4c983796c00f388e4b1f5b764487a718648385b5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Mon, 30 Mar 2020 08:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1009
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=891802871018262&ev=PageView&dl=https%3A%2F%2Fwww.evernote.com%2FRegistration.action&rl=&if=false&ts=1585558408785&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585558408760.748385594&it=1585558408719&coo=false&rqm=GET
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 30 Mar 2020 08:53:28 GMT, Mon, 30 Mar 2020 08:53:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 30 Mar 2020 08:53:28 GMT
/
www.google.com/pagead/1p-user-list/984368495/
42 B
110 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/984368495/?random=1585558408774&cv=9&fst=1585555200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fwww.evernote.com%2FRegistration.action&tiba=Create%20an%20Evernote%20Account&async=1&fmt=3&is_vtc=1&random=2418426922&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 30 Mar 2020 08:53:28 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/984368495/
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/984368495/?random=1585558408774&cv=9&fst=1585555200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fwww.evernote.com%2FRegistration.action&tiba=Create%20an%20Evernote%20Account&async=1&fmt=3&is_vtc=1&random=2418426922&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 30 Mar 2020 08:53:28 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bb6ce0ce7affff91989d4aab2ba9fa53.png
www.evernote.com/static/static_css_resources/
8 KB
9 KB
Image
General
Full URL
https://www.evernote.com/static/static_css_resources/bb6ce0ce7affff91989d4aab2ba9fa53.png
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/Registration.action
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.165.220 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.165.107.34.bc.googleusercontent.com
Software
Evernote/1.0 /
Resource Hash
b0883d4796d831481bde21ef72ca6472edbcaeafb9376bc38d3909e00020cd23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.evernote.com/ro/LzkzNmVlZWRiNjA4YWVhOTA3ZTc5ZDAwZTdkNWJjOGM5MzM5MWE2MWQuY3Nz/LzYxMDdhNGMyY2Q1MjIzMTgwMTM3YjQyYmI1MTAyYWFjZTcwYjJkYWIuY3Nz/L2RhYmQ2ZmRlYmRiYzkwNjg3OTBlZTlkZWQ1MjQ4ZmU3YTcxNWViNTIuY3Nz/L2M3YjNiY2RiODRiMzdkMzQ0MjYwNDRmYjA3MTZjYzRiNmQ2ZDExNjAuY3Nz/LzZkMGZjZjlhMGViZDE2M2ZkY2E1NDgxMGY5NmJhZTI0NDllYTExZWQuY3Nz/-242472195.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
last-modified
Mon, 23 Mar 2020 22:22:26 GMT
server
Evernote/1.0
x-app-server
en0-t6lb-haproxy-lk3g/shard604/en0-ns-604
etag
W/"8672-1585002146000"
content-type
image/png
status
200
date
Mon, 30 Mar 2020 08:53:28 GMT
accept-ranges
bytes
alt-svc
clear
content-length
8672
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=984649333&t=event&_s=2&dl=https%3A%2F%2Fwww.evernote.com%2FRegistration.action&ul=en-us&de=UTF-8&dt=Create%20an%20Evernote%20Account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=account&ea=registration_action&el=view_registration_screen_reg_action&_u=aGBAgEAB~&jid=&gjid=&cid=31907294.1585558409&tid=UA-285778-5&_gid=27447461.1585558409&cd7=bd572727-3381-4b19-a719-89d41ae27ee1&z=273045950
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 23:14:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1676324
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ignitionone.html
www.evernote.com/redesign/modules/MarketingTrackingPixel/ Frame 7B53
577 B
698 B
Document
General
Full URL
https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/ro/L2RjOWVmYTJkNzQ5ODlhNGIxZWNjNjY2NTk3NDdjOGE3NDIwMmRjY2MuanM/L2RjYzUxZWE5ZGUzN2UzYTgwOTliMmMwYWE5Zjg3MGViNGQzNGIwYzYuanM/LzZhNWE1ZjQ4ZjNiNDVkY2YzNzc5ODc1Mzk2MDU5YWM5MWI4NmMyOTYuanM/LzEwNTU4ZDNlYjgyYWVhMWUxNDBkNWYxNWMwMzQ2ZWVmMzk1MzY2MGQuanM/L2JjYjllOTZiOWIxYmQ5NmI5MmE5YWI3MjA4NDA5NGZiOTk0NWM0NDQuanM/LzZjNTdhOTU4YWUzNjkwOGJjYjM1MGQ0MmM2YmZhMGUyMDliYzIwYTQuanM/-1768367214.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.165.220 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.165.107.34.bc.googleusercontent.com
Software
Evernote/1.0 /
Resource Hash
80e63fc3707410bbe5f15e607d35dc660619f8ae6637cbf167817fa7c00f69ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.evernote.com
:scheme
https
:path
/redesign/modules/MarketingTrackingPixel/ignitionone.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://www.evernote.com/Registration.action
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
shard=s604; JSESSIONID=032D997D9549AB09DAC15159A7EFFE38; web50017PreUserGuid=bd572727-3381-4b19-a719-89d41ae27ee1; _ga=GA1.2.31907294.1585558409; _gid=GA1.2.27447461.1585558409; _gat=1; _gcl_au=1.1.449913758.1585558409; _fbp=fb.1.1585558408760.748385594
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.evernote.com/Registration.action

Response headers

status
200
strict-transport-security
max-age=31536000
expires
Tue, 31 Mar 2020 08:53:29 GMT
cache-control
max-age=86400
accept-ranges
bytes
etag
W/"577-1585002014000"
last-modified
Mon, 23 Mar 2020 22:20:14 GMT
content-type
text/html;charset=UTF-8
content-length
577
date
Mon, 30 Mar 2020 08:53:28 GMT
server
Evernote/1.0
x-app-server
en0-t6lb-haproxy-mww8/shard604/en0-ns-604
via
1.1 google
alt-svc
clear
yahooRetargeting.html
www.evernote.com/redesign/modules/MarketingTrackingPixel/ Frame DA50
169 B
322 B
Document
General
Full URL
https://www.evernote.com/redesign/modules/MarketingTrackingPixel/yahooRetargeting.html?
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/ro/L2RjOWVmYTJkNzQ5ODlhNGIxZWNjNjY2NTk3NDdjOGE3NDIwMmRjY2MuanM/L2RjYzUxZWE5ZGUzN2UzYTgwOTliMmMwYWE5Zjg3MGViNGQzNGIwYzYuanM/LzZhNWE1ZjQ4ZjNiNDVkY2YzNzc5ODc1Mzk2MDU5YWM5MWI4NmMyOTYuanM/LzEwNTU4ZDNlYjgyYWVhMWUxNDBkNWYxNWMwMzQ2ZWVmMzk1MzY2MGQuanM/L2JjYjllOTZiOWIxYmQ5NmI5MmE5YWI3MjA4NDA5NGZiOTk0NWM0NDQuanM/LzZjNTdhOTU4YWUzNjkwOGJjYjM1MGQ0MmM2YmZhMGUyMDliYzIwYTQuanM/-1768367214.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.165.220 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.165.107.34.bc.googleusercontent.com
Software
Evernote/1.0 /
Resource Hash
9be611214de1dde1d01a05f49ed7fcaaddfb10c85d378189f6672773d06e61c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.evernote.com
:scheme
https
:path
/redesign/modules/MarketingTrackingPixel/yahooRetargeting.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://www.evernote.com/Registration.action
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
shard=s604; JSESSIONID=032D997D9549AB09DAC15159A7EFFE38; web50017PreUserGuid=bd572727-3381-4b19-a719-89d41ae27ee1; _ga=GA1.2.31907294.1585558409; _gid=GA1.2.27447461.1585558409; _gat=1; _gcl_au=1.1.449913758.1585558409; _fbp=fb.1.1585558408760.748385594
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.evernote.com/Registration.action

Response headers

status
200
strict-transport-security
max-age=31536000
expires
Tue, 31 Mar 2020 08:53:29 GMT
cache-control
max-age=86400
accept-ranges
bytes
etag
W/"169-1585002014000"
last-modified
Mon, 23 Mar 2020 22:20:14 GMT
content-type
text/html;charset=UTF-8
content-length
169
date
Mon, 30 Mar 2020 08:53:28 GMT
server
Evernote/1.0
x-app-server
en0-t6lb-haproxy-w5t0/shard604/en0-ns-604
via
1.1 google
alt-svc
clear
pk_TK86G81qlDu89wkbTxgRJUlp02Ww3TLB
grsm.io/pr/gpk/
0
183 B
XHR
General
Full URL
https://grsm.io/pr/gpk/pk_TK86G81qlDu89wkbTxgRJUlp02Ww3TLB
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/ro/L2RjOWVmYTJkNzQ5ODlhNGIxZWNjNjY2NTk3NDdjOGE3NDIwMmRjY2MuanM/L2RjYzUxZWE5ZGUzN2UzYTgwOTliMmMwYWE5Zjg3MGViNGQzNGIwYzYuanM/LzZhNWE1ZjQ4ZjNiNDVkY2YzNzc5ODc1Mzk2MDU5YWM5MWI4NmMyOTYuanM/LzEwNTU4ZDNlYjgyYWVhMWUxNDBkNWYxNWMwMzQ2ZWVmMzk1MzY2MGQuanM/L2JjYjllOTZiOWIxYmQ5NmI5MmE5YWI3MjA4NDA5NGZiOTk0NWM0NDQuanM/LzZjNTdhOTU4YWUzNjkwOGJjYjM1MGQ0MmM2YmZhMGUyMDliYzIwYTQuanM/-1768367214.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.10.171 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.10.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.evernote.com/Registration.action
Origin
https://www.evernote.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Mar 2020 08:53:29 GMT
via
1.1 google
status
200
p3p
CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin
https://www.evernote.com
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
alt-svc
clear
content-length
0
pixel
ads.yahoo.com/ Frame DA50
0
0
Image
General
Full URL
https://ads.yahoo.com/pixel?id=2479292&t=2
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/yahooRetargeting.html?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

/
com-evernote.netmng.com/ Frame 7B53
278 B
1 KB
Script
General
Full URL
https://com-evernote.netmng.com/?aid=3163&siclientid=
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.186.247.145 , United Kingdom, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ac3ba9942c827e14f8af3c0c706d1517531e03de1b5d8d7c9ec7503b10e63e9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 08:53:29 GMT
Last-Modified
Sat, 28 Mar 2020 08:53:29 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Sat, 28 Mar 2020 08:53:29 GMT
/
com-evernote.netmng.com/ Frame 7B53
3 KB
4 KB
Script
General
Full URL
https://com-evernote.netmng.com/?aid=3163&siclientid=&cch
Requested by
Host: com-evernote.netmng.com
URL: https://com-evernote.netmng.com/?aid=3163&siclientid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.186.247.145 , United Kingdom, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
7af01b177b473e2fa6d0c67a34776fb8cb6ff3f0a8b9cbeb40943d95f38cf9a9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 08:53:29 GMT
Last-Modified
Sat, 28 Mar 2020 08:53:29 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Sat, 28 Mar 2020 08:53:29 GMT
cm
p.rfihub.com/ Frame 7B53
42 B
872 B
Image
General
Full URL
https://p.rfihub.com/cm?pub=40519&in=1&userid=crzcn24en16mk
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Cache-Control
no-cache
Server
Jetty(9.0.6.v20130930)
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
42
Content-Type
image/gif
/
www.google.de/pagead/1p-conversion/1057254703/ Frame 7B53
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=netmng&google_cm&google_sc&google_hm=Y3J6Y24yNGVuMTZtaw==&vid=crzcn24en16mk
  • https://gcm.netmng.com/?id=&vid=crzcn24en16mk&google_gid=CAESEHfloFatuNQ21QiTPPCOVqw&google_cver=1
  • https://www.googleadservices.com/pagead/conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ibOBXqT_JoWkbP...
  • https://www.google.com/pagead/1p-conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1843142174&sscte=1&crd=&gtd=&is_vtc...
  • https://www.google.de/pagead/1p-conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1843142174&sscte=1&crd=&gtd=&is_vtc=...
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1843142174&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=ibOBXqT_JoWkbPv2gbgK&random=3263278019&ipr=y
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Mar 2020 08:53:29 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Mar 2020 08:53:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1843142174&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=ibOBXqT_JoWkbPv2gbgK&random=3263278019&ipr=y
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 7B53
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=640&dpuuid=crzcn24en16mk
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=crzcn24en16mk
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=crzcn24en16mk
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.89.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-89-62.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v064-0e1b193d5.edge-irl1.demdex.com 5.66.0.20200310121811 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
ElxH9tKyR4o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
O9T3UTmOR3I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=crzcn24en16mk
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7B53
42 B
709 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxMTQmdGw9NDMyMDA=&piggybackCookie=crzcn24en16mk
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 08:53:29 GMT
X-lat
Pug23012:0:214
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Cache-Control
no-store, no-cache, private
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection
close
Content-Type
image/gif; charset=utf-8
Content-Length
42
bounce
ib.adnxs.com/ Frame 7B53
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=72&code=crzcn24en16mk
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D72%26code%3Dcrzcn24en16mk
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D72%26code%3Dcrzcn24en16mk
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 08:53:31 GMT
AN-X-Request-Uuid
dd667f47-d1c9-430a-a72f-8c05548aeb4c
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.102.19.134; 82.102.19.134; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.141:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 08:53:31 GMT
AN-X-Request-Uuid
d9e347ed-afdd-4026-8afd-f543a46f47b7
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D72%26code%3Dcrzcn24en16mk
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.102.19.134; 82.102.19.134; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.138:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame 7B53
Redirect Chain
  • https://secure.adnxs.com/mapuid?member=6928&user=crzcn24en16mk
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Dcrzcn24en16mk
43 B
846 B
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Dcrzcn24en16mk
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 08:53:31 GMT
AN-X-Request-Uuid
9d95ebb3-de89-4e7e-a27c-85b746536230
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.102.19.134; 82.102.19.134; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.168:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 08:53:31 GMT
AN-X-Request-Uuid
eef78296-cca6-4af8-a4be-f3dcdb8df730
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Dcrzcn24en16mk
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.102.19.134; 82.102.19.134; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.87:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame 7B53
Redirect Chain
  • https://secure.adnxs.com/mapuid?member=9373&user=crzcn24en16mk
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D9373%26user%3Dcrzcn24en16mk
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D9373%26user%3Dcrzcn24en16mk
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 08:53:31 GMT
AN-X-Request-Uuid
3e4ad5d7-252e-4737-8aaa-a1233b387ee2
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.102.19.134; 82.102.19.134; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.244:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 08:53:31 GMT
AN-X-Request-Uuid
f657daa9-3a0b-4bd0-9be9-67829e2a8e91
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D9373%26user%3Dcrzcn24en16mk
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.102.19.134; 82.102.19.134; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.183:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
load77.exelator.com/ Frame 7B53
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=330&buid=crzcn24en16mk&j=0
  • https://load77.exelator.com/pixel.gif
43 B
273 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Mar 2020 08:53:29 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
x-cache
HIT
content-type
image/gif
status
200
x-edge-ip
195.181.175.50
x-age
682282
accept-ranges
bytes
content-length
43

Redirect headers

date
Mon, 30 Mar 2020 08:53:29 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
location
https://load77.exelator.com/pixel.gif
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
302
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
13209
tags.bluekai.com/site/ Frame 7B53
62 B
717 B
Image
General
Full URL
https://tags.bluekai.com/site/13209?id=crzcn24en16mk
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-237-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 30 Mar 2020 08:53:29 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
4248
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
merge
ce.lijit.com/ Frame 7B53
0
394 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=15&3pid=crzcn24en16mk&cb=1585558409
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 08:53:29 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
X-Application-Context
application:prod:9080
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
pixel.advertising.com/ups/55948/ Frame 7B53
0
124 B
Image
General
Full URL
https://pixel.advertising.com/ups/55948/sync?uid=crzcn24en16mk&_origin=1
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.138.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-138-174.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
date
Mon, 30 Mar 2020 08:53:29 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ul_cb/ Frame 7B53
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=14&user_id=crzcn24en16mk&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=14&user_id=crzcn24en16mk&expires=30
43 B
380 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=14&user_id=crzcn24en16mk&expires=30
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.180.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-180-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 30 Mar 2020 08:53:29 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Mon, 30 Mar 2020 08:53:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=14&user_id=crzcn24en16mk&expires=30
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sd
us-u.openx.net/w/1.0/ Frame 7B53
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=537072967&val=crzcn24en16mk
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=crzcn24en16mk
43 B
183 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=crzcn24en16mk
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.182.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Mar 2020 08:53:29 GMT
via
1.1 google
server
OXGW/16.182.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 30 Mar 2020 08:53:29 GMT
via
1.1 google
server
OXGW/16.182.1
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=crzcn24en16mk
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
content-length
0
/
ps.eyeota.net/match/bounce/ Frame 7B53
Redirect Chain
  • https://ps.eyeota.net/match?bid=6bmpi0v&uid=crzcn24en16mk
  • https://ps.eyeota.net/match/bounce/?bid=6bmpi0v&uid=crzcn24en16mk
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match/bounce/?bid=6bmpi0v&uid=crzcn24en16mk
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Mar 2020 08:53:29 GMT
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Content-Length
70
Content-Type
image/gif

Redirect headers

Location
/match/bounce/?bid=6bmpi0v&uid=crzcn24en16mk
Date
Mon, 30 Mar 2020 08:53:29 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame 7B53
0
320 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=ignitionone&partner_uid=crzcn24en16mk
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.92.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-92-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
date
Mon, 30 Mar 2020 08:53:29 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1585558409
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
tradedesk2waycm.netmng.com/cm/ Frame 7B53
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=su9xcof&ttd_tpi=1&ttd_puid=-1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=su9xcof&ttd_tpi=1&ttd_puid=-1
  • https://tradedesk2waycm.netmng.com/cm/?buid=-1&id=468d937f-acd3-4e5f-acf2-6aae580c1633
42 B
190 B
Image
General
Full URL
https://tradedesk2waycm.netmng.com/cm/?buid=-1&id=468d937f-acd3-4e5f-acf2-6aae580c1633
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.193.83.156 , United States, ASN63124 (IGNITIONONE-ASN, US),
Reverse DNS
Software
nginx/1.11.10 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Mar 2020 08:53:30 GMT
Server
nginx/1.11.10
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 30 Mar 2020 08:53:29 GMT
x-aspnet-version
4.0.30319
location
https://tradedesk2waycm.netmng.com/cm/?buid=-1&id=468d937f-acd3-4e5f-acf2-6aae580c1633
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
203
check
pixel.tapad.com/idsync/ex/receive/ Frame 7B53
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3117&partner_device_id=crzcn24en16mk
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3117&partner_device_id=crzcn24en16mk
95 B
451 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3117&partner_device_id=crzcn24en16mk
Requested by
Host: www.evernote.com
URL: https://www.evernote.com/redesign/modules/MarketingTrackingPixel/ignitionone.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(8.1.13.v20130916) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
server
Jetty(8.1.13.v20130916)
date
Mon, 30 Mar 2020 08:53:30 GMT
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status
200
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

strict-transport-security
max-age=31536000
via
1.1 google
server
Jetty(8.1.13.v20130916)
date
Mon, 30 Mar 2020 08:53:30 GMT
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3117&partner_device_id=crzcn24en16mk
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status
302
alt-svc
clear
content-length
0
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1007410362605534&ev=Microdata&dl=https%3A%2F%2Fwww.evernote.com%2FRegistration.action&rl=&if=false&ts=1585558410263&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Create%20an%20Evernote%20Account%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585558408760.748385594&it=1585558408719&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 30 Mar 2020 08:53:30 GMT, Mon, 30 Mar 2020 08:53:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 30 Mar 2020 08:53:30 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=891802871018262&ev=Microdata&dl=https%3A%2F%2Fwww.evernote.com%2FRegistration.action&rl=&if=false&ts=1585558410286&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Create%20an%20Evernote%20Account%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585558408760.748385594&it=1585558408719&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.evernote.com/Registration.action
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 30 Mar 2020 08:53:30 GMT, Mon, 30 Mar 2020 08:53:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 30 Mar 2020 08:53:30 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| uetq function| fbq function| _fbq function| UET function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| getParameterByName function| handler object| form function| requirejs function| require function| define object| Evernote function| $ function| jQuery object| respond object| __EVERNOTE_ACTIONBEAN__ object| __EVERNOTE_I18N__ function| _ object| jQuery180008490993056205376 function| registrationFormSuccessHandler

8 Cookies

Domain/Path Name / Value
.evernote.com/ Name: _fbp
Value: fb.1.1585558408760.748385594
.evernote.com/ Name: _gcl_au
Value: 1.1.449913758.1585558409
.evernote.com/ Name: _gat
Value: 1
www.evernote.com/ Name: JSESSIONID
Value: 032D997D9549AB09DAC15159A7EFFE38
.evernote.com/ Name: _gid
Value: GA1.2.27447461.1585558409
www.evernote.com/ Name: shard
Value: s604
.evernote.com/ Name: _ga
Value: GA1.2.31907294.1585558409
.evernote.com/ Name: web50017PreUserGuid
Value: bd572727-3381-4b19-a719-89d41ae27ee1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
bat.bing.com
beacon.krxd.net
ce.lijit.com
cm.g.doubleclick.net
com-evernote.netmng.com
connect.facebook.net
dpm.demdex.net
evernote.com
gcm.netmng.com
googleads.g.doubleclick.net
grsm.io
ib.adnxs.com
image2.pubmatic.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
p.rfihub.com
pixel.advertising.com
pixel.tapad.com
ps.eyeota.net
r.turn.com
secure.adnxs.com
stats.g.doubleclick.net
tags.bluekai.com
tradedesk2waycm.netmng.com
us-u.openx.net
www.evernote.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
104.193.83.156
130.211.10.171
147.75.102.200
172.217.18.162
185.33.223.208
185.64.190.80
193.0.160.129
195.181.175.52
216.58.208.34
23.45.237.36
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:808::2004
2a00:1450:4001:817::2002
2a00:1450:4001:817::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:825::2003
2a00:1450:400c:c08::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.127.178.105
31.186.247.145
34.107.165.220
34.241.92.164
34.95.120.147
35.190.29.187
35.227.248.159
37.252.172.38
46.228.164.11
52.211.89.62
52.29.180.59
52.58.138.174
72.251.249.9
99.81.223.179
04eaf28def2c7946ef5c3ca86d9018439a4fe145859a3618342170d03d7d52d5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7e78c376a5da7904b7deaad02c4a45f820ad49461b983a0dee403bad204606
0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4584cb04fe1d2e5071e9aa94451f320044ab16e9ab4f122bb529921db2b3be1b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ac3ba9942c827e14f8af3c0c706d1517531e03de1b5d8d7c9ec7503b10e63e9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5d618e5f81b5b1e4090207558374777e69c7960bd4f7e2cf9c9450f31e0b7c84
6485a9dd5fd79eba6f5d95e5bcb57e72e1fa42b6717d20ad8feaa9f70fe64b56
7af01b177b473e2fa6d0c67a34776fb8cb6ff3f0a8b9cbeb40943d95f38cf9a9
80e63fc3707410bbe5f15e607d35dc660619f8ae6637cbf167817fa7c00f69ac
827ac8fb9a6b7054285af67aece4b08686f8993001054b7df764f0602f36be54
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8dc4ab7a4429a3e2537c3dbf5befd7d529a34d8276d7885129934ec6b434cbbf
913a44fb15b251867708b1d4c983796c00f388e4b1f5b764487a718648385b5f
9be611214de1dde1d01a05f49ed7fcaaddfb10c85d378189f6672773d06e61c1
b0883d4796d831481bde21ef72ca6472edbcaeafb9376bc38d3909e00020cd23
c5b1ef448841c8a0f34532d4be5f5656d9eb4eea66e04755c0b64f2662d35eed
dcd63232559ec2c4251b0568a877e17ccbdc93eb98040875ada2608a2a014a25
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55b4e7b92944d3ab1277d91e96e0a9f9b4163563ea4c6ce37ac96d070931798
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f188f78d66cdef496020c06f84ee83c7d80c529f159f3cab8c2692c7abd73148