wellsfargo.levelwear.com Open in urlscan Pro
66.11.71.186 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wellsfargo.levelwear.com/
Submission Tags: @phishunt_io
Submission: On February 10 via api (February 10th 2022, 2:53:03 am UTC) from DE — Scanned from CA

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 66.11.71.186, located in Etobicoke, Canada and belongs to TRGO, CA. The main domain is wellsfargo.levelwear.com.
TLS certificate: Issued by R3 on February 9th 2022. Valid for: 3 months.

This is the only time wellsfargo.levelwear.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	66.11.71.186 66.11.71.186	20161 (TRGO) (TRGO)
3	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:807::2003	15169 (GOOGLE) (GOOGLE)
13	4

7 66.11.71.186 (Etobicoke, Canada)

ASN20161 (TRGO, CA)
PTR: static-66-11-71-186.ptr.terago.net

wellsfargo.levelwear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::200a (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	levelwear.com wellsfargo.levelwear.com	2 MB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	2 KB
1	gstatic.com fonts.gstatic.com	17 KB
13	4

	Domain	Requested by
7	wellsfargo.levelwear.com	wellsfargo.levelwear.com
3	fonts.googleapis.com	wellsfargo.levelwear.com
2	cdn.jsdelivr.net	wellsfargo.levelwear.com
1	fonts.gstatic.com	fonts.googleapis.com
13	4

This site contains no links.

Subject Issuer	Validity	Valid
wellsfargo.levelwear.com R3	`2022-02-09` - `2022-05-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://wellsfargo.levelwear.com/
Frame ID: 55DB25AB56BB8D151B8C2C8A8892B96C
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wells Fargo Corporate Catalog

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

13
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2545 kB
Transfer

2999 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
wellsfargo.levelwear.com/ 9 KB
4 KB 123ms
37ms Document
text/html 66.11.71.186
TRGO

General

Check archive.org

Show headers Download Go to

Full URL

https://wellsfargo.levelwear.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

66.11.71.186 Etobicoke, Canada, ASN20161 (TRGO, CA),

Reverse DNS

static-66-11-71-186.ptr.terago.net

Software

nginx /

Resource Hash

d81ca447bea2a5b3d43d57f3c46ef3ef051d864030c95412adb87f17df482e82

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests; frame-ancestors 'self';
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: nginx
Date: Thu, 10 Feb 2022 02:52:56 GMT
Content-Type: text/html
Last-Modified: Wed, 09 Feb 2022 21:13:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62042e6b-2246"
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=7889238
content-security-policy: block-all-mixed-content; upgrade-insecure-requests; frame-ancestors 'self';
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Content-Encoding: br

GET
H2 200 css
fonts.googleapis.com/ 3 KB
737 B 85ms
36ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjalla+One|Work+Sans:100|Yanone+Kaffeesatz:300&display=swap

Requested by

Host: wellsfargo.levelwear.com
URL: https://wellsfargo.levelwear.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c191dd273864848631389ff43a8d9f33a6407c00e9da485c0edde0356d15b71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wellsfargo.levelwear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 02:52:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 02:52:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 02:52:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 84ms
35ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: wellsfargo.levelwear.com
URL: https://wellsfargo.levelwear.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wellsfargo.levelwear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 01:22:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 02:52:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 02:52:56 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
416 B 91ms
44ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: wellsfargo.levelwear.com
URL: https://wellsfargo.levelwear.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wellsfargo.levelwear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 02:52:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 02:52:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 02:52:56 GMT

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
665 B 68ms
27ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: wellsfargo.levelwear.com
URL: https://wellsfargo.levelwear.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wellsfargo.levelwear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6130145
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19182-FRA, cache-yyz4560-YYZ
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6db20b5479074bb9-YUL

GET
H2 200 slick-theme.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 3 KB
1 KB 66ms
25ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css

Requested by

Host: wellsfargo.levelwear.com
URL: https://wellsfargo.levelwear.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wellsfargo.levelwear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9266765
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA, cache-yyz4560-YYZ
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6db20b54790b4bb9-YUL

GET
H/1.1 200
OK main.87426135.js Show response
wellsfargo.levelwear.com/static/js/ 576 KB
159 KB 131ms
89ms Script
application/javascript 66.11.71.186
TRGO

General

Check archive.org

Show headers Download Go to

Full URL

https://wellsfargo.levelwear.com/static/js/main.87426135.js

Requested by

Host: wellsfargo.levelwear.com
URL: https://wellsfargo.levelwear.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

66.11.71.186 Etobicoke, Canada, ASN20161 (TRGO, CA),

Reverse DNS

static-66-11-71-186.ptr.terago.net

Software

nginx /

Resource Hash

d154bcb1acc5c848ecc64b2385269ef2cec3c3072cd6012c4b650374d969b296

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests; frame-ancestors 'self';
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wellsfargo.levelwear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 02:52:56 GMT
Content-Encoding: br
x-content-type-options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Feb 2022 21:13:15 GMT
Server: nginx
ETag: W/"62042e6b-90120"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=7889238
content-language: en
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-security-policy: block-all-mixed-content; upgrade-insecure-requests; frame-ancestors 'self';
Content-Type: application/javascript

GET
H/1.1 200
OK main.50e84d73.css
wellsfargo.levelwear.com/static/css/ 28 KB
6 KB 42ms
41ms Stylesheet
text/css 66.11.71.186
TRGO

General

Check archive.org

Show headers Download Go to

Full URL

https://wellsfargo.levelwear.com/static/css/main.50e84d73.css

Requested by

Host: wellsfargo.levelwear.com
URL: https://wellsfargo.levelwear.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

66.11.71.186 Etobicoke, Canada, ASN20161 (TRGO, CA),

Reverse DNS

static-66-11-71-186.ptr.terago.net

Software

nginx /

Resource Hash

fcae545e51e018e5da08625a7b55b19a07ba9f4945042c5740e7c2c402743bc9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests; frame-ancestors 'self';
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wellsfargo.levelwear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 02:52:56 GMT
Content-Encoding: br
x-content-type-options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Feb 2022 21:13:15 GMT
Server: nginx
ETag: W/"62042e6b-708a"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=7889238
content-language: en
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-security-policy: block-all-mixed-content; upgrade-insecure-requests; frame-ancestors 'self';
Content-Type: text/css

POST
H/1.1 200
OK / Show response
wellsfargo.levelwear.com/api/ 649 B
1 KB 50ms
50ms XHR
application/json 66.11.71.186
TRGO

General

Check archive.org

Show headers Download Go to

Full URL

https://wellsfargo.levelwear.com/api/

Requested by

Host: wellsfargo.levelwear.com
URL: https://wellsfargo.levelwear.com/static/js/main.87426135.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

66.11.71.186 Etobicoke, Canada, ASN20161 (TRGO, CA),

Reverse DNS

static-66-11-71-186.ptr.terago.net

Software

nginx /

Resource Hash

5db1882fa00c4aab3f4c953284e64df44e73592e60ab6105c786df905395a203

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests; frame-ancestors 'self';
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://wellsfargo.levelwear.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 02:52:56 GMT
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
x-frame-options: SAMEORIGIN
ETag: W/"289-MMU87Th22oxd5rBIUuMG9Mr4Fws"
strict-transport-security: max-age=7889238
content-language: en
x-xss-protection: 1; mode=block
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-security-policy: block-all-mixed-content; upgrade-insecure-requests; frame-ancestors 'self';
Connection: keep-alive
Content-Type: application/json; charset=utf-8
x-content-type-options: nosniff

GET
H/1.1 200
OK WellsLogo.png
wellsfargo.levelwear.com/Images/200/Banners/ 6 KB
6 KB 96ms
96ms Image
image/webp 66.11.71.186
TRGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wellsfargo.levelwear.com/Images/200/Banners/WellsLogo.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.11.71.186 Etobicoke, Canada, ASN20161 (TRGO, CA),
Reverse DNS: static-66-11-71-186.ptr.terago.net
Software: nginx /
Resource Hash: 79a2ca587eeeb671df072cee02a6a6019ffa72c20dc1d784a3be7e6f72780827

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wellsfargo.levelwear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 02:52:56 GMT
X-Test: Banners/WellsLogo.png
Last-Modified: Wed, 09 Feb 2022 20:28:27 GMT
Server: nginx
ETag: W/"620423eb-378e"
Content-Type: image/webp
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 5882

GET
H/1.1 200
OK WellsFargoBanner.jpg
wellsfargo.levelwear.com/Images/Banners/ 1 MB
1 MB 97ms
96ms Image
image/webp 66.11.71.186
TRGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wellsfargo.levelwear.com/Images/Banners/WellsFargoBanner.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.11.71.186 Etobicoke, Canada, ASN20161 (TRGO, CA),
Reverse DNS: static-66-11-71-186.ptr.terago.net
Software: nginx /
Resource Hash: 06010a469f283984738a488e8b246cdfeb6da1a8244d5635da4fba3722c4e2e1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wellsfargo.levelwear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 02:52:56 GMT
Last-Modified: Wed, 09 Feb 2022 21:11:40 GMT
Server: nginx
ETag: "62042e0c-125536"
Content-Type: image/webp
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1201462
X-Requested-URL: /Images/Banners/WellsFargoBanner.jpg.webp

GET
H2 200 Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v12/ 16 KB
17 KB 75ms
22ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fjallaone/v12/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One|Work+Sans:100|Yanone+Kaffeesatz:300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wellsfargo.levelwear.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:04:42 GMT
x-content-type-options: nosniff
age: 24494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16588
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:04:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 20:04:42 GMT

GET
H/1.1 200
OK WellsFargoBanner.jpg
wellsfargo.levelwear.com/Images/Banners/ 1 MB
1 MB 26ms
25ms Image
image/webp 66.11.71.186
TRGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wellsfargo.levelwear.com/Images/Banners/WellsFargoBanner.jpg
Requested by: Host: wellsfargo.levelwear.com
URL: https://wellsfargo.levelwear.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.11.71.186 Etobicoke, Canada, ASN20161 (TRGO, CA),
Reverse DNS: static-66-11-71-186.ptr.terago.net
Software: nginx /
Resource Hash: 06010a469f283984738a488e8b246cdfeb6da1a8244d5635da4fba3722c4e2e1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://wellsfargo.levelwear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 02:52:57 GMT
Last-Modified: Wed, 09 Feb 2022 21:11:40 GMT
Server: nginx
ETag: "62042e0c-125536"
Content-Type: image/webp
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1201462
X-Requested-URL: /Images/Banners/WellsFargoBanner.jpg.webp

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests; frame-ancestors 'self';
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
wellsfargo.levelwear.com
2606:4700::6810:5714
2607:f8b0:4006:807::2003
2607:f8b0:4006:81d::200a
66.11.71.186
06010a469f283984738a488e8b246cdfeb6da1a8244d5635da4fba3722c4e2e1
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
5db1882fa00c4aab3f4c953284e64df44e73592e60ab6105c786df905395a203
79a2ca587eeeb671df072cee02a6a6019ffa72c20dc1d784a3be7e6f72780827
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
c191dd273864848631389ff43a8d9f33a6407c00e9da485c0edde0356d15b71f
d154bcb1acc5c848ecc64b2385269ef2cec3c3072cd6012c4b650374d969b296
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
d81ca447bea2a5b3d43d57f3c46ef3ef051d864030c95412adb87f17df482e82
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
fcae545e51e018e5da08625a7b55b19a07ba9f4945042c5740e7c2c402743bc9

wellsfargo.levelwear.com Open in urlscan Pro 66.11.71.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

2545 kBTransfer

2999 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

wellsfargo.levelwear.com Open in urlscan Pro
66.11.71.186 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2545 kB
Transfer

2999 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions