URL: http://email.homeloans.citi.com/view/348945348079
Submission: On January 21 via api from US

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 52.1.126.9, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is email.homeloans.citi.com.
This is the only time email.homeloans.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.1.126.9 14618 (AMAZON-AES)
1 52.216.144.75 16509 (AMAZON-02)
4 52.216.136.19 16509 (AMAZON-02)
1 1 13.110.9.189 14340 (SALESFORCE)
1 13.110.11.188 14340 (SALESFORCE)
8 4
Domain Requested by
4 softvu-private.s3.amazonaws.com email.homeloans.citi.com
2 email.homeloans.citi.com email.homeloans.citi.com
1 citirel--c.na91.content.force.com email.homeloans.citi.com
1 citirel.my.salesforce.com 1 redirects
1 sv-mortgage.s3.amazonaws.com email.homeloans.citi.com
8 5

This site contains links to these domains. Also see Links.

Domain
citi.bridgetrack.com
Subject Issuer Validity Valid
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2019-11-09 -
2021-03-12
a year crt.sh
*.na91.force.com
DigiCert SHA2 Secure Server CA
2020-02-07 -
2021-02-07
a year crt.sh

This page contains 1 frames:

Primary Page: http://email.homeloans.citi.com/view/348945348079
Frame ID: F05A3F12613D5C918480F063116D26FD
Requests: 8 HTTP requests in this frame

Screenshot


Page Statistics

8
Requests

75 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

112 kB
Transfer

133 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://citirel.my.salesforce.com/servlet/servlet.ImageServer?id=0152E000001TtDQQA0&oid=00D300000005om9EAA HTTP 301
  • https://citirel--c.na91.content.force.com/servlet/servlet.ImageServer?id=0152E000001TtDQQA0&oid=00D300000005om9EAA

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 348945348079
email.homeloans.citi.com/view/
29 KB
6 KB
Document
General
Full URL
http://email.homeloans.citi.com/view/348945348079
Protocol
HTTP/1.1
Server
52.1.126.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-126-9.compute-1.amazonaws.com
Software
/
Resource Hash
31e3b9f9fa882e76ea11ff867c88bc7365a0d6f7d01f5bbd17df689e424212d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
email.homeloans.citi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 17:36:18 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
X-XSS-Protection
1; mode=block
Cache-Control
private,no-cache,no-store,must-revalidate
Expires
-1
Pragma
no-cache
ETag
W/"7468-963zpSYt1jMWDcdrZgnRAqilYvI"
Vary
Accept-Encoding
Content-Encoding
gzip
spacer.gif
sv-mortgage.s3.amazonaws.com/
1 KB
1 KB
Image
General
Full URL
https://sv-mortgage.s3.amazonaws.com/spacer.gif
Requested by
Host: email.homeloans.citi.com
URL: http://email.homeloans.citi.com/view/348945348079
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.144.75 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
843630b029a0f48dbad89b365e9b1b90fe8c19b3586d2f43090b95814d91751b

Request headers

Referer
http://email.homeloans.citi.com/view/348945348079
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 17:36:19 GMT
Last-Modified
Tue, 16 May 2017 15:04:39 GMT
Server
AmazonS3
x-amz-request-id
048823D19BB733EA
ETag
"f2229e22cda170c551671e5853235fe1"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1095
x-amz-id-2
QsKp1WUIGAq0k0OsCxO7qPrDL7qzdg4RV4aD5haooATxtaXjYumRM0qBiFkpCPcRVCaOCortGs0=
logo.png
softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/
4 KB
5 KB
Image
General
Full URL
https://softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/logo.png
Requested by
Host: email.homeloans.citi.com
URL: http://email.homeloans.citi.com/view/348945348079
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.136.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d5b2b480eaa51ef43194de0c18bb7fe63a51195c7752af7cc48b5199c1766869

Request headers

Referer
http://email.homeloans.citi.com/view/348945348079
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 17:36:19 GMT
Last-Modified
Tue, 27 Feb 2018 17:37:11 GMT
Server
AmazonS3
x-amz-request-id
19BF1850A0DD7BD2
ETag
"917ff40d3846a55a878916464b1826e0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4513
x-amz-id-2
Hjhxi6NHtT7YWyIu8wko14T+iXnTQQnmNJjmWz3CR01kbkXgLdRYRjUEEKSzD3H+h3eRoIC7amY=
GettyImages-169086968-530x320.jpg
softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/_templates/c20842d885bb40aa9f2bada78eec574a/hero-image/
56 KB
56 KB
Image
General
Full URL
https://softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/_templates/c20842d885bb40aa9f2bada78eec574a/hero-image/GettyImages-169086968-530x320.jpg
Requested by
Host: email.homeloans.citi.com
URL: http://email.homeloans.citi.com/view/348945348079
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.136.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8aa7fdabbf8514e71cf8a9aa78e4c575b19dff198cc1613489a5056156c07a9a

Request headers

Referer
http://email.homeloans.citi.com/view/348945348079
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 17:36:19 GMT
Last-Modified
Tue, 17 Nov 2020 18:55:49 GMT
Server
AmazonS3
x-amz-request-id
4580C2A557032C7A
ETag
"2dfb0f19fdfaf4497efdfd992bd9dd99"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
57320
x-amz-id-2
lXSraCXvayAdweOQYtQeRH3kXm3FHoM9e6FavRGgbqriPx3mhRKHXvFa9DNJOcS3e17NyRmrTtI=
servlet.ImageServer
citirel--c.na91.content.force.com/servlet/
Redirect Chain
  • https://citirel.my.salesforce.com/servlet/servlet.ImageServer?id=0152E000001TtDQQA0&oid=00D300000005om9EAA
  • https://citirel--c.na91.content.force.com/servlet/servlet.ImageServer?id=0152E000001TtDQQA0&oid=00D300000005om9EAA
31 KB
32 KB
Image
General
Full URL
https://citirel--c.na91.content.force.com/servlet/servlet.ImageServer?id=0152E000001TtDQQA0&oid=00D300000005om9EAA
Requested by
Host: email.homeloans.citi.com
URL: http://email.homeloans.citi.com/view/348945348079
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.11.188 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl8-ncg0-iad3.na91-ia2.force.com
Software
/
Resource Hash
49dba3c0728c92695be07d9b57e1143ad9953ee8949fd7aa836a71d248f655b5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://email.homeloans.citi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 17:36:18 GMT
X-Content-Type-Options
nosniff
X-B3-TraceId
ccf57f343f5d7b07
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 19 Jun 2019 16:15:57 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Content-Type
image/jpeg
Cache-Control
public,max-age=900
X-B3-SpanId
ccf57f343f5d7b07
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Content-Security-Policy
upgrade-insecure-requests
X-Robots-Tag
none
X-B3-Sampled
0
Expires
Thu, 21 Jan 2021 17:51:18 GMT

Redirect headers

X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536002; includeSubDomains
Referrer-Policy
origin-when-cross-origin
X-B3-TraceId
be4ad6284704974f
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D300000005om9m"
Content-Type
text/html;charset=ISO-8859-1
Location
https://citirel--c.na91.content.force.com/servlet/servlet.ImageServer?id=0152E000001TtDQQA0&oid=00D300000005om9EAA
Cache-Control
must-revalidate,no-cache,no-store
X-B3-SpanId
be4ad6284704974f
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D300000005om9m";
X-B3-Sampled
0
X-Robots-Tag
none
Content-Length
730
X-XSS-Protection
1; mode=block
plt-outro-tag-desktop.png
softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/
4 KB
4 KB
Image
General
Full URL
https://softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/plt-outro-tag-desktop.png
Requested by
Host: email.homeloans.citi.com
URL: http://email.homeloans.citi.com/view/348945348079
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.136.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e0ba9942fb58d7ea3f0aadaa03a04f38fc78449d8e6e2c7f9e6c9ef9f6d60234

Request headers

Referer
http://email.homeloans.citi.com/view/348945348079
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 17:36:19 GMT
Last-Modified
Thu, 02 Apr 2020 22:09:35 GMT
Server
AmazonS3
x-amz-request-id
096C8E0F42F6759D
ETag
"4f75543d9bfc026b7400c5a347116dd2"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4203
x-amz-id-2
mQLrf6loriGB8dJap1mktU+ip+UIyhs7TXsbkndpWrGXgehAF4lYGHa0YLwukPI4MiOLRRN7WA4=
icon-ehl-black.png
softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/
7 KB
7 KB
Image
General
Full URL
https://softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/icon-ehl-black.png
Requested by
Host: email.homeloans.citi.com
URL: http://email.homeloans.citi.com/view/348945348079
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.136.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
70441167506fbe19002693bde57f5c8730c3f1273da04d32e0b1dc9098dfa594

Request headers

Referer
http://email.homeloans.citi.com/view/348945348079
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 17:36:19 GMT
Last-Modified
Tue, 05 Dec 2017 22:12:02 GMT
Server
AmazonS3
x-amz-request-id
5BE559E025A0B945
ETag
"52ff171ebee2b8889204e4131e31f172"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
7052
x-amz-id-2
WofFsR2hNM2TQtVTzABxfVVZtu2RCQyutjF7Sp3AteIcSW6zgc0D5khwfTC35y63bctw64a2eZE=
348945348079
email.homeloans.citi.com/pb/
42 B
421 B
Image
General
Full URL
http://email.homeloans.citi.com/pb/348945348079
Requested by
Host: email.homeloans.citi.com
URL: http://email.homeloans.citi.com/view/348945348079
Protocol
HTTP/1.1
Server
52.1.126.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-126-9.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://email.homeloans.citi.com/view/348945348079
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jan 2021 17:36:18 GMT
X-Content-Type-Options
nosniff
ETag
W/"2a-1fzrZTJkPQ2E/+CcQMSB7N9Z4Vo"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
private,no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
42
X-XSS-Protection
1; mode=block
Expires
-1

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block