URL: https://wtm.goldenemployee.com/
Submission: On May 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 12 HTTP transactions. The main IP is 34.89.161.112, located in Frankfurt am Main, Germany and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is wtm.goldenemployee.com.
TLS certificate: Issued by R3 on May 15th 2024. Valid for: 3 months.
This is the only time wtm.goldenemployee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 34.89.161.112 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
4 178.20.190.103 50670 (VTEL)
2 162.19.58.158 16276 (OVH)
12 4
Apex Domain
Subdomains
Transfer
5 goldenemployee.com
wtm.goldenemployee.com
155 KB
4 e-points.net
ws.e-points.net
384 B
2 ibb.co
i.ibb.co — Cisco Umbrella Rank: 10971
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
12 4
Domain Requested by
5 wtm.goldenemployee.com wtm.goldenemployee.com
4 ws.e-points.net wtm.goldenemployee.com
2 i.ibb.co
1 fonts.googleapis.com wtm.goldenemployee.com
12 4

This site contains no links.

Subject Issuer Validity Valid
wtm.goldenemployee.com
R3
2024-05-15 -
2024-08-13
3 months crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.e-points.net
Go Daddy Secure Certificate Authority - G2
2023-12-13 -
2024-12-13
a year crt.sh
ibb.co
R3
2024-04-22 -
2024-07-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://wtm.goldenemployee.com/
Frame ID: AE170E450FD483094BC82465C8EDC9FE
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Golden Employee

Page Statistics

12
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

171 kB
Transfer

498 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wtm.goldenemployee.com/
645 B
474 B
Document
General
Full URL
https://wtm.goldenemployee.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.89.161.112 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.161.89.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e6f84ca6f9cef70935fd339f83554e52acdd56210a36da975bad4f1a549d0fbe

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 15 May 2024 09:38:40 GMT
etag
W/"66447e45-285"
last-modified
Wed, 15 May 2024 09:20:05 GMT
server
nginx
vary
Accept-Encoding
index-D-6dhb8k.js
wtm.goldenemployee.com/assets/
452 KB
147 KB
Script
General
Full URL
https://wtm.goldenemployee.com/assets/index-D-6dhb8k.js
Requested by
Host: wtm.goldenemployee.com
URL: https://wtm.goldenemployee.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.89.161.112 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.161.89.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
95e041c61dee5d3d24a09c5a2bc8e6bbd11e8be7f7d041f1b9ea4532bbd95853

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wtm.goldenemployee.com/
Origin
https://wtm.goldenemployee.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:38:40 GMT
content-encoding
gzip
last-modified
Wed, 15 May 2024 09:20:05 GMT
server
nginx
etag
W/"66447e45-70e0f"
vary
Accept-Encoding
content-type
application/javascript
index-Gn1MpH-g.css
wtm.goldenemployee.com/assets/
26 KB
6 KB
Stylesheet
General
Full URL
https://wtm.goldenemployee.com/assets/index-Gn1MpH-g.css
Requested by
Host: wtm.goldenemployee.com
URL: https://wtm.goldenemployee.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.89.161.112 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.161.89.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5e4f8255a53c1d1e864b20b2124a11b0d7ce3cbac7cc3e5da9137ec5fc542d04

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wtm.goldenemployee.com/
Origin
https://wtm.goldenemployee.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:38:40 GMT
content-encoding
gzip
last-modified
Wed, 15 May 2024 09:20:05 GMT
server
nginx
etag
W/"66447e45-664f"
vary
Accept-Encoding
content-type
text/css
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
Requested by
Host: wtm.goldenemployee.com
URL: https://wtm.goldenemployee.com/assets/index-Gn1MpH-g.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b8a445dbddfb9b7c56ffd4f34b6ca628a0d2c85b6a8f4da1eda376694377c3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wtm.goldenemployee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 May 2024 09:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 May 2024 09:35:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 May 2024 09:38:41 GMT
BalanceInquiry
ws.e-points.net/EpointsMobileService/EpointsMobileService/
0
0
Preflight
General
Full URL
https://ws.e-points.net/EpointsMobileService/EpointsMobileService/BalanceInquiry
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.20.190.103 Amman, Jordan, ASN50670 (VTEL, JO),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wtm.goldenemployee.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
access-control-allow-private-network
true
cache-control
private
content-length
0
date
Wed, 15 May 2024 09:35:09 GMT
BalanceInquiry
ws.e-points.net/EpointsMobileService/EpointsMobileService/
138 B
259 B
XHR
General
Full URL
https://ws.e-points.net/EpointsMobileService/EpointsMobileService/BalanceInquiry
Requested by
Host: wtm.goldenemployee.com
URL: https://wtm.goldenemployee.com/assets/index-D-6dhb8k.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.20.190.103 Amman, Jordan, ASN50670 (VTEL, JO),
Reverse DNS
Software
/
Resource Hash
9fa69278d22e0379e804159b1063a76a40bed02b04e6312b45724a3a103919c6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://wtm.goldenemployee.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:35:09 GMT
access-control-allow-private-network
true
access-control-allow-methods
POST,GET,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type, Accept
content-length
138
GetVouchersDetailed
ws.e-points.net/EpointsMobileService/EpointsMobileService//
28 B
125 B
XHR
General
Full URL
https://ws.e-points.net/EpointsMobileService/EpointsMobileService//GetVouchersDetailed
Requested by
Host: wtm.goldenemployee.com
URL: https://wtm.goldenemployee.com/assets/index-D-6dhb8k.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.20.190.103 Amman, Jordan, ASN50670 (VTEL, JO),
Reverse DNS
Software
/
Resource Hash
8c3238ebd70b95cf9628c171163f572a05fbe3acfe1e8e3d0f9f20e447fe5537

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://wtm.goldenemployee.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:35:09 GMT
access-control-allow-private-network
true
access-control-allow-methods
POST,GET,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type, Accept
content-length
28
favicon-32x32.png
wtm.goldenemployee.com/
2 KB
2 KB
Other
General
Full URL
https://wtm.goldenemployee.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.89.161.112 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.161.89.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6db856c7a92ac513beb359746b67188d2d6b4c8d36cb9dc6623a4f3d9a020291

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wtm.goldenemployee.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:38:41 GMT
last-modified
Wed, 15 May 2024 09:20:05 GMT
server
nginx
accept-ranges
bytes
etag
"66447e45-650"
content-length
1616
content-type
image/png
GetVouchersDetailed
ws.e-points.net/EpointsMobileService/EpointsMobileService//
0
0
Preflight
General
Full URL
https://ws.e-points.net/EpointsMobileService/EpointsMobileService//GetVouchersDetailed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.20.190.103 Amman, Jordan, ASN50670 (VTEL, JO),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wtm.goldenemployee.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
access-control-allow-private-network
true
cache-control
private
content-length
0
date
Wed, 15 May 2024 09:35:09 GMT
favicon-32x32.png
wtm.goldenemployee.com/
2 KB
0
Other
General
Full URL
https://wtm.goldenemployee.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.89.161.112 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.161.89.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6db856c7a92ac513beb359746b67188d2d6b4c8d36cb9dc6623a4f3d9a020291

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wtm.goldenemployee.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:38:41 GMT
last-modified
Wed, 15 May 2024 09:20:05 GMT
server
nginx
accept-ranges
bytes
etag
"66447e45-650"
content-length
1616
content-type
image/png
logo-dark-1.png
i.ibb.co/xHN11m9/
6 KB
7 KB
Image
General
Full URL
https://i.ibb.co/xHN11m9/logo-dark-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
ffd3aebb20fde0faf81998be5ccbd8fbb8b03a7d4a37032ad767adcfef5978a7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wtm.goldenemployee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:38:41 GMT
last-modified
Mon, 13 May 2024 09:35:18 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
6422
expires
Thu, 31 Dec 2037 23:55:55 GMT
Frame-152-1.png
i.ibb.co/j3PM9G9/
8 KB
8 KB
Image
General
Full URL
https://i.ibb.co/j3PM9G9/Frame-152-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
f56816d5f647b033646a2ea7f8051922250f3bc1bfe823c454580a1366f78d1c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wtm.goldenemployee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:38:41 GMT
last-modified
Wed, 28 Feb 2024 11:26:29 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8154
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion object| __SENTRY__

0 Cookies