In the picture above is a breakdown for a typical URL, and here are the main parts of it, and what you should be looking for.
If it were HTTP (Hypertext Transfer Protocol) that would mean the text is transferred as it is, and everyone who cares enough to “listen” on the network can read what you send and receive. Definitely no credit card numbers nor usernames and passwords should be entered on a page that starts with HTTP.
HTTPS, however, means that the transfer is secured; as in encrypted. A lot safer than the http, but by no means fool proof. You still need to be careful not to send sensitive information through public networks (Airport WIFI, Starbucks, hotels…) even if they were secured.
This is the “name” of the company, or organization. If you see LinkedIn sending you an email from North Royalton City’s Hostname, you know it’s Phishing!
This is a file inside a folder, I can say. www.tests.discomputers.com is still a section of www.discomputers.com, and if you receive an email that contains subdomains simply go to the very last value before the Top-Level-Domain (before the .com or .org etc.). What is the last thing? That’s who’s calling.
Example1: email@example.com is an email coming from www.billing.com, and not from Citibank.com!
Example2: firstname.lastname@example.org is coming from www.citi.com .