urlscan.io logo urlscan.io
SecurityTrails logo

rise.co Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://track.rise.co/prod/031205bf-7911-4ca9-8e47-97f9474a5b65/552f763e-8fcd-4c43-a315-93fd075f2cce
Effective URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_...
Submission: On June 08 via manual from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 27 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is rise.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2022. Valid for: a year.
This is the only time rise.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    44.193.124.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-124-79.compute-1.amazonaws.com
track.rise.co
5    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
rise.co
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)
ws.zoominfo.com
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
6 rise.co
track.rise.co
rise.co
review.rise.co Failed
116 KB
3 gstatic.com
fonts.gstatic.com
70 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
58 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6117
655 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
655 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
388 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
114 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
82 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 114
15 KB
1 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 5462
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
1 KB
27 12
Domain Requested by
5 rise.co rise.co
3 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.de rise.co
2 www.google.com rise.co
2 www.facebook.com rise.co
2 connect.facebook.net rise.co
connect.facebook.net
2 www.googletagmanager.com rise.co
www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 ws.zoominfo.com rise.co
1 fonts.googleapis.com rise.co
1 track.rise.co 1 redirects
0 review.rise.co Failed rise.co
27 15

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.facebook.com
dribbble.com
www.instagram.com
maps.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-17 -
2022-06-15		 3 months crt.sh
zoominfo.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Frame ID: 37212A9F91DAAEC16ACECFA5020309F1
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Your Review for citigroup.com — Rise

Page URL History Show full URLs

  1. http://track.rise.co/prod/031205bf-7911-4ca9-8e47-97f9474a5b65/552f763e-8fcd-4c43-a315-93fd075f2cce HTTP 302
    https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

96 %
HTTPS

86 %
IPv6

12
Domains

15
Subdomains

14
IPs

3
Countries

461 kB
Transfer

1496 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://track.rise.co/prod/031205bf-7911-4ca9-8e47-97f9474a5b65/552f763e-8fcd-4c43-a315-93fd075f2cce HTTP 302
    https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request go
rise.co/tool/
Redirect Chain
  • http://track.rise.co/prod/031205bf-7911-4ca9-8e47-97f9474a5b65/552f763e-8fcd-4c43-a315-93fd075f2cce
  • https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
3086868029ef58295878280af3134e61d61d1b19182b2efae68b6a4c1abcdfc4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7180a14a3ea38fe9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 09:34:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 08 Jun 2022 09:34:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zF1E%2FdyHAxhQNf9zixLDbsrOkyXgmoAUJsjDz6rWaOGjoRoE%2BT3eQnx3mReRpXXSb6KgaL40W6cHSsZIxHyoEvIa7%2FR4yLB%2BdSPQ8PAoDui9DM%2FB1uVY%2BAhqymA1YRpWRhlBLK3K"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
x-powered-by
PHP/5.6.40

Redirect headers

Connection
keep-alive
Content-Length
458
Content-Type
text/html; charset=utf-8
Date
Wed, 08 Jun 2022 09:34:08 GMT
Location
https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Vary
Accept
X-Powered-By
Express
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-132853700-1
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f1187acdf823567ca065b79d8c479f37f9ee246ed7ccf27ecc5ce050c803c98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:34:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39816
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Jun 2022 09:34:11 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:300,400,700%7CMontserrat:400,500,600,700
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b05c230c297b0122daf7c185fc2aedb3a903ab579e8e70a8294c2634aecc7cc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 09:34:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 08 Jun 2022 09:34:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Jun 2022 09:34:11 GMT
style.css
rise.co/assets/ 		387 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rise.co/assets/style.css
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c3e4822a8095b8b39b3ca95d8191a11715ec1f162789c8f03d152528fdf2ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:34:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 23 Mar 2022 14:41:54 GMT
server
cloudflare
etag
W/"102259e-60a39-5dae3bb0a5080-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hINXUwPwD0D%2FDh5pnjFVOKtHQVJZ%2FZYc08tIyoGooK3DGGgTBAjEy8Lomj9QbgZ8izOb9w1FLQNj3BiECYnt2QcQXogkB0%2BiVqe%2BRFRkRyqMplrWPeUrASCKT3XY0porqSQPYmby"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=518400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7180a157b8f38fe9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 14 Jun 2022 09:34:11 GMT
jquery-3.1.0.min.js
rise.co/assets/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rise.co/assets/jquery-3.1.0.min.js
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ecdad07946397f0dc5f2235b75de9bad64173081b5886cec57c058b15dc750

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:34:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Oct 2017 16:25:42 GMT
server
cloudflare
etag
W/"1022057-15153-55b84397f2d80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llWwQIDUBORLDcZKeOJIypMzAJqwUjkN2DADWUm1j1tFi9QliYjS0JMIISQqmvcN%2BBTApDV4hf107CDYtzNUYXBfzlOYs9991A5fsQwlArFyKcRG7waIOLkYLeoQVmrGX7BrnDEA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7180a157b8f58fe9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 08 Jun 2022 09:34:12 GMT
app.js
rise.co/assets/review/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rise.co/assets/review/js/app.js
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3d1fa681314b1dfe9bf9cda6934349939b18d2fc1209bd490e158759be400a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:34:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 22 Dec 2021 03:04:57 GMT
server
cloudflare
etag
W/"10225be-217d-5d3b362fe6840-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRPiuuo1sm7aI7rQwArQtvwlY0uffzORGsvr%2FCNpT1jiHj%2FthlvmPWDEoUqEiLyhld4hjxC%2Fyay7mN0IutFyff5OvIW1Z%2BxeS%2FoBh6%2FnN8FuIBl9JUrJp6uXSkmSpBkUEqtjwoDN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7180a157b8f68fe9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 08 Jun 2022 09:34:12 GMT
scripts.js
rise.co/assets/ 		106 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rise.co/assets/scripts.js
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06bd734a0894649ffe69d2e7d8892c237ea84569b4d95b7755e90f4f05df3385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:34:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Dec 2021 23:53:58 GMT
server
cloudflare
etag
W/"1022c81-1a9a0-5d360409e7180-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGEInHP9UtzXv3AtdC%2Bn23hETyk8caOTt37vhRiEeo4mqJGGj2Z1HCwFj23aHOaBmlA6%2FYjKjkQMSQP66lMsjxn2zH%2F4%2FWTjeJJaPLAhmtmyRhHxADO%2FqtWQOyg0xi9zdHYoqoMh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7180a157b8f88fe9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 08 Jun 2022 09:34:12 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
9roc2YCtSlbzmhqbpEoK4KnRZruBjIAWjjH9V8qXkXvpxD0+GcB/oYYZHIbpUhFSI9aCJE4Vn5tDEAkGPcgXmQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 08 Jun 2022 09:34:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132853700-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7165
date
Wed, 08 Jun 2022 07:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 08 Jun 2022 09:34:46 GMT
js
www.googletagmanager.com/gtag/ 		108 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-744000331&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132853700-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14b0c68ca40fc9e32474a4d718b1f284e6f91eb038640c4bef8da96f7c858a78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:34:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43364
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Jun 2022 09:34:11 GMT
388404448226614
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/388404448226614?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e4bde4300f897dc383192c841af78323d46eaddee3eb1606494d1dea7720eb4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
M0eM4pcfIh3sotayhtR4idZ98fdmJY8nKl1TM4fhETN6T7KhyF0MPctnZ3KvHYkawrRPRTMMbdJUJOBryCcZDw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 08 Jun 2022 09:34:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1654680851901
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
613ae91b63f297001c45fed3
ws.zoominfo.com/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/613ae91b63f297001c45fed3
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ed8cd87834a54ef3e7f447acaedf2ccc909a57f040bb9c4113f62df30d1b1bb6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7180a15bfc009136-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via
1.1 google
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,700%7CMontserrat:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rise.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:18:51 GMT
x-content-type-options
nosniff
age
58520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19752
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 17:18:51 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,700%7CMontserrat:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rise.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:07:05 GMT
x-content-type-options
nosniff
age
59226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 17:07:05 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,700%7CMontserrat:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rise.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:07:15 GMT
x-content-type-options
nosniff
age
59216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 17:07:15 GMT
js
www.google-analytics.com/gtm/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MZM6V37&t=gtag_UA_132853700_1&cid=1162637483.1654680852
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5590487466708e0efeec3291363ebfdd2cf9cb940d4f7ca70c17371d644f52f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:34:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38912
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Jun 2022 09:34:11 GMT
reviews
review.rise.co/ 		0
0
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-744000331&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:34:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15069
x-xss-protection
0
server
cafe
etag
11223643544955582496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Jun 2022 09:34:11 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1189100370&t=pageview&_s=1&dl=https%3A%2F%2Frise.co%2Ftool%2Fgo%3Furl%3Dcitigroup.com%26name%3DJon%2520Blum%26email%3Djon.blum%40citi.com%26utm_source%3Demail_outreach%26utm_medium%3Demail%26utm_campaign%3DDS1%26msID%3D552f763e-8fcd-4c43-a315-93fd075f2cce&ul=en-us&de=UTF-8&dt=Your%20Review%20for%20citigroup.com%20%E2%80%94%20Rise&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADQAAAAC~&jid=335639457&gjid=1593199000&cid=1162637483.1654680852&tid=UA-132853700-1&_gid=718883242.1654680852&_r=1&gtm=2ou660&z=2098228416
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rise.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 09:34:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rise.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=388404448226614&ev=PageView&dl=https%3A%2F%2Frise.co%2Ftool%2Fgo%3Furl%3Dcitigroup.com%26name%3DJon%2520Blum%26email%3Djon.blum%40citi.com%26utm_source%3Demail_outreach%26utm_medium%3Demail%26utm_campaign%3DDS1%26msID%3D552f763e-8fcd-4c43-a315-93fd075f2cce&rl=&if=false&ts=1654680851981&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654680851979.2136151801&it=1654680851716&coo=false&exp=p1&rqm=GET
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:34:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 08 Jun 2022 09:34:12 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/744000331/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/744000331/?random=1654680851987&cv=9&fst=1654680851987&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frise.co%2Ftool%2Fgo%3Furl%3Dcitigroup.com%26name%3DJon%2520Blum%26email%3Djon.blum%40citi.com%26utm_source%3Demail_outreach%26utm_medium%3Demail%26utm_campaign%3DDS1%26msID%3D552f763e-8fcd-4c43-a315-93fd075f2cce&tiba=Your%20Review%20for%20citigroup.com%20%E2%80%94%20Rise&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c11cc401816102bd763f53e478a5e275fe2514be2c87fd6d37cd8b4fdce3224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 09:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1164
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-132853700-1&cid=1162637483.1654680852&jid=335639457&gjid=1593199000&_gid=718883242.1654680852&_u=aGBAAUACQAAAAC~&z=856344564
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rise.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 08 Jun 2022 09:34:12 GMT
content-type
text/plain
access-control-allow-origin
https://rise.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/744000331/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/744000331/?random=1654680851987&cv=9&fst=1654678800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frise.co%2Ftool%2Fgo%3Furl%3Dcitigroup.com%26name%3DJon%2520Blum%26email%3Djon.blum%40citi.com%26utm_source%3Demail_outreach%26utm_medium%3Demail%26utm_campaign%3DDS1%26msID%3D552f763e-8fcd-4c43-a315-93fd075f2cce&tiba=Your%20Review%20for%20citigroup.com%20%E2%80%94%20Rise&async=1&fmt=3&is_vtc=1&random=3178729068&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 09:34:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/744000331/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/744000331/?random=1654680851987&cv=9&fst=1654678800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frise.co%2Ftool%2Fgo%3Furl%3Dcitigroup.com%26name%3DJon%2520Blum%26email%3Djon.blum%40citi.com%26utm_source%3Demail_outreach%26utm_medium%3Demail%26utm_campaign%3DDS1%26msID%3D552f763e-8fcd-4c43-a315-93fd075f2cce&tiba=Your%20Review%20for%20citigroup.com%20%E2%80%94%20Rise&async=1&fmt=3&is_vtc=1&random=3178729068&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 09:34:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-132853700-1&cid=1162637483.1654680852&jid=335639457&_u=aGBAAUACQAAAAC~&z=15672538
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 09:34:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-132853700-1&cid=1162637483.1654680852&jid=335639457&_u=aGBAAUACQAAAAC~&z=15672538
Requested by
Host: rise.co
URL: https://rise.co/tool/go?url=citigroup.com&name=Jon%20Blum&email=jon.blum@citi.com&utm_source=email_outreach&utm_medium=email&utm_campaign=DS1&msID=552f763e-8fcd-4c43-a315-93fd075f2cce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 09:34:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=388404448226614&ev=Microdata&dl=https%3A%2F%2Frise.co%2Ftool%2Fgo%3Furl%3Dcitigroup.com%26name%3DJon%2520Blum%26email%3Djon.blum%40citi.com%26utm_source%3Demail_outreach%26utm_medium%3Demail%26utm_campaign%3DDS1%26msID%3D552f763e-8fcd-4c43-a315-93fd075f2cce&rl=&if=false&ts=1654680852484&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Your%20Review%20for%20citigroup.com%20%E2%80%94%20Rise%22%2C%22meta%3Adescription%22%3A%22Website%20Review%20Report%20for%20citigroup.com%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Rise%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Your%20Review%20for%20citigroup.com%22%2C%22og%3Adescription%22%3A%22Website%20Review%20Report%20for%20citigroup.com%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Frise.co%2Ftool%2Fgo%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Frise.co%2Fassets%2Fimages%2Fglobal%2Fcareers-bg.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Rise.co%22%2C%22url%22%3A%22https%3A%2F%2Frise.co%22%2C%22sameAs%22%3A%5B%22http%3A%2F%2Fwww.facebook.com%2Frisedotco%22%2C%22http%3A%2F%2Fwww.twitter.com%2Frisedotco%22%2C%22http%3A%2F%2Fwww.instagram.com%2Frisedotco%22%2C%22http%3A%2F%2Fwww.linkedin.com%2Fcompany%2Frisedotco%22%2C%22http%3A%2F%2Fwww.pinterest.com%2Frisedotco%2F%22%5D%7D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22http%3A%2F%2Frise.co%22%2C%22logo%22%3A%22http%3A%2F%2Frise.co%2Fimages%2Flogo.png%22%7D%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654680851979.2136151801&it=1654680851716&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 09:34:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 08 Jun 2022 09:34:12 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
review.rise.co
URL
https://review.rise.co/reviews

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| initMap function| getCookie function| submitContactFormAjax function| submitNewsletter_header function| submitNewsletter_footer function| submitNewbusiness function| submitMisc function| submitNewsletter_contact function| submitNewsletter_article function| submitNewsletter_exit function| submitMediaInquiry object| bioEp object| gaplugins object| gaGlobal object| gaData object| google_optimize function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ziws

16 Cookies

Domain/Path Name / Value
rise.co/ Name: exp_last_visit
Value: 1339320850
rise.co/ Name: exp_last_activity
Value: 1654680850
rise.co/ Name: exp_tracker
Value: %7B%220%22%3A%22tool%2Fgo%22%2C%22token%22%3A%2225aeafd37eac73e19f580d76e46bbe0ccc30f5650073b21fb139eeb9972c56f74e20f3843e7e6abc262c710df203e02e%22%7D
rise.co/ Name: exp_csrf_token
Value: 848bb4708b2b5079fe8076af40e50abbbbf5ffd8
rise.co/ Name: exp_super_search_history
Value: 11350
.rise.co/ Name: rise_entry
Value: https%3A%2F%2Frise.co%2Ftool%2Fgo%3Furl%3Dcitigroup.com%26name%3DJon%2520Blum%26email%3Djon.blum%40citi.com%26utm_source%3Demail_outreach%26utm_medium%3Demail%26utm_campaign%3DDS1%26msID%3D552f763e-8fcd-4c43-a315-93fd075f2cce
.rise.co/ Name: rise_ip
Value: 2001%3A1b60%3A1010%3A2%3A1012%3A7a05%3Ad77%3A8539
.rise.co/ Name: rise_traffic
Value: Organic
.rise.co/ Name: rise_page
Value: https%3A%2F%2Frise.co%2Ftool%2Fgo%3Furl%3Dcitigroup.com%26name%3DJon%2520Blum%26email%3Djon.blum%40citi.com%26utm_source%3Demail_outreach%26utm_medium%3Demail%26utm_campaign%3DDS1%26msID%3D552f763e-8fcd-4c43-a315-93fd075f2cce
.rise.co/ Name: _ga
Value: GA1.2.1162637483.1654680852
.rise.co/ Name: _gid
Value: GA1.2.718883242.1654680852
.rise.co/ Name: _gcl_au
Value: 1.1.350729454.1654680852
.rise.co/ Name: _gat_gtag_UA_132853700_1
Value: 1
.rise.co/ Name: _fbp
Value: fb.1.1654680851979.2136151801
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ws.zoominfo.com/ Name: visitorId
Value: bcd7ad6ac5841e7c6c64a68e08c8ab15cb96ebd0afb26357602b08e0a15a0027

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
review.rise.co
rise.co
stats.g.doubleclick.net
track.rise.co
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
review.rise.co
142.250.185.66
2606:4700::6810:a852
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c0d::9a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3121::3
44.193.124.79
06bd734a0894649ffe69d2e7d8892c237ea84569b4d95b7755e90f4f05df3385
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14b0c68ca40fc9e32474a4d718b1f284e6f91eb038640c4bef8da96f7c858a78
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
28ecdad07946397f0dc5f2235b75de9bad64173081b5886cec57c058b15dc750
3086868029ef58295878280af3134e61d61d1b19182b2efae68b6a4c1abcdfc4
35c3e4822a8095b8b39b3ca95d8191a11715ec1f162789c8f03d152528fdf2ac
3f1187acdf823567ca065b79d8c479f37f9ee246ed7ccf27ecc5ce050c803c98
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
5590487466708e0efeec3291363ebfdd2cf9cb940d4f7ca70c17371d644f52f4
7c11cc401816102bd763f53e478a5e275fe2514be2c87fd6d37cd8b4fdce3224
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9e4bde4300f897dc383192c841af78323d46eaddee3eb1606494d1dea7720eb4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b05c230c297b0122daf7c185fc2aedb3a903ab579e8e70a8294c2634aecc7cc8
c3d1fa681314b1dfe9bf9cda6934349939b18d2fc1209bd490e158759be400a8
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ed8cd87834a54ef3e7f447acaedf2ccc909a57f040bb9c4113f62df30d1b1bb6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629