email.homeloans.citi.com
Open in
urlscan Pro
52.1.126.9
Public Scan
Submission: On January 21 via api from US
Summary
This is the only time email.homeloans.citi.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 52.1.126.9 52.1.126.9 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 52.216.144.75 52.216.144.75 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 52.216.136.19 52.216.136.19 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 13.110.9.189 13.110.9.189 | 14340 (SALESFORCE) (SALESFORCE) | |
1 | 13.110.11.188 13.110.11.188 | 14340 (SALESFORCE) (SALESFORCE) | |
8 | 4 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-126-9.compute-1.amazonaws.com
email.homeloans.citi.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
sv-mortgage.s3.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
softvu-private.s3.amazonaws.com |
ASN14340 (SALESFORCE, US)
PTR: dcl4-ncg0-iad3.na91-ia2.my.salesforce.com
citirel.my.salesforce.com |
ASN14340 (SALESFORCE, US)
PTR: dcl8-ncg0-iad3.na91-ia2.force.com
citirel--c.na91.content.force.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
amazonaws.com
sv-mortgage.s3.amazonaws.com softvu-private.s3.amazonaws.com |
74 KB |
2 |
citi.com
email.homeloans.citi.com |
6 KB |
1 |
force.com
citirel--c.na91.content.force.com |
32 KB |
1 |
salesforce.com
1 redirects
citirel.my.salesforce.com |
1 KB |
8 | 4 |
Domain | Requested by | |
---|---|---|
4 | softvu-private.s3.amazonaws.com |
email.homeloans.citi.com
|
2 | email.homeloans.citi.com |
email.homeloans.citi.com
|
1 | citirel--c.na91.content.force.com |
email.homeloans.citi.com
|
1 | citirel.my.salesforce.com | 1 redirects |
1 | sv-mortgage.s3.amazonaws.com |
email.homeloans.citi.com
|
8 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
citi.bridgetrack.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2019-11-09 - 2021-03-12 |
a year | crt.sh |
*.na91.force.com DigiCert SHA2 Secure Server CA |
2020-02-07 - 2021-02-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://email.homeloans.citi.com/view/348945348079
Frame ID: F05A3F12613D5C918480F063116D26FD
Requests: 8 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: click here
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- https://citirel.my.salesforce.com/servlet/servlet.ImageServer?id=0152E000001TtDQQA0&oid=00D300000005om9EAA HTTP 301
- https://citirel--c.na91.content.force.com/servlet/servlet.ImageServer?id=0152E000001TtDQQA0&oid=00D300000005om9EAA
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
348945348079
email.homeloans.citi.com/view/ |
29 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spacer.gif
sv-mortgage.s3.amazonaws.com/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GettyImages-169086968-530x320.jpg
softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/_templates/c20842d885bb40aa9f2bada78eec574a/hero-image/ |
56 KB 56 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
servlet.ImageServer
citirel--c.na91.content.force.com/servlet/ Redirect Chain
|
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
plt-outro-tag-desktop.png
softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-ehl-black.png
softvu-private.s3.amazonaws.com/client_9f6807a6dd8847e2a6cda8b96b0ba8b1/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
348945348079
email.homeloans.citi.com/pb/ |
42 B 421 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
citirel--c.na91.content.force.com
citirel.my.salesforce.com
email.homeloans.citi.com
softvu-private.s3.amazonaws.com
sv-mortgage.s3.amazonaws.com
13.110.11.188
13.110.9.189
52.1.126.9
52.216.136.19
52.216.144.75
31e3b9f9fa882e76ea11ff867c88bc7365a0d6f7d01f5bbd17df689e424212d5
49dba3c0728c92695be07d9b57e1143ad9953ee8949fd7aa836a71d248f655b5
70441167506fbe19002693bde57f5c8730c3f1273da04d32e0b1dc9098dfa594
843630b029a0f48dbad89b365e9b1b90fe8c19b3586d2f43090b95814d91751b
8aa7fdabbf8514e71cf8a9aa78e4c575b19dff198cc1613489a5056156c07a9a
d5b2b480eaa51ef43194de0c18bb7fe63a51195c7752af7cc48b5199c1766869
e0ba9942fb58d7ea3f0aadaa03a04f38fc78449d8e6e2c7f9e6c9ef9f6d60234
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629