urlscan.io logo urlscan.io
SecurityTrails logo

www.williamhill.com Open in urlscan Pro
13.32.240.54  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure-web.cisco.com/1gbrpYoFKYrm05vcmBhZ7IdyQ8tHq5PbePAZ3uSeiaxwcCQpQ4q6mnKs_Onlcx3YP2SoDKnJWbLacJ__qPUHZz_t6r9CN6bK...
Effective URL: https://www.williamhill.com/us/nj/welcome/cbs/?af_c_id=GAMESPORT&pid=viacomcbs&dclid=CP_qy9fq5O0CFVb1dwodKOgI6g&sport=golf&a...
Submission: On December 23 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 4 domains to perform 1 HTTP transactions. The main IP is 13.32.240.54, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.williamhill.com.
TLS certificate: Issued by HydrantID SSL ICA G2 on February 12th 2020. Valid for: a year.
This is the only time www.williamhill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2620:101:2002... 16417 (IRONPORT-...)
1 1 216.58.208.38 15169 (GOOGLE)
1 1 13.32.240.103 16509 (AMAZON-02)
1 13.32.240.54 16509 (AMAZON-02)
1 1
Apex Domain
Subdomains		 Transfer
1 williamhill.com
www.williamhill.com
1 KB
1 onelink.me
whus.onelink.me
642 B
1 doubleclick.net
ad.doubleclick.net
924 B
1 cisco.com
secure-web.cisco.com
592 B
1 4
Domain Requested by
1 www.williamhill.com
1 whus.onelink.me 1 redirects
1 ad.doubleclick.net 1 redirects
1 secure-web.cisco.com 1 redirects
1 4

This site contains no links.

Subject Issuer Validity Valid
www.williamhill.com
HydrantID SSL ICA G2		 2020-02-12 -
2021-02-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.williamhill.com/us/nj/welcome/cbs/?af_c_id=GAMESPORT&pid=viacomcbs&dclid=CP_qy9fq5O0CFVb1dwodKOgI6g&sport=golf&af_prt=viacomcbs&utm_source=viacomcbs&utm_medium=email&af_ad=[VGUID]&utm_campaign=email&zone=cbss&af_channel=email&bc=GAMESPORT&af_click=30d&ar=cbssobv1111&league=pga&utm_banner=[VGUID]&c=cbssobv1111&utm_offer=GAMESPORT
Frame ID: 1FB2A0D0683FA9A32CAA29E0AB68529E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://secure-web.cisco.com/1gbrpYoFKYrm05vcmBhZ7IdyQ8tHq5PbePAZ3uSeiaxwcCQpQ4q6mnKs_Onlcx3YP2SoDKnJWbLa... HTTP 302
    https://ad.doubleclick.net/ddm/clk/474696742;280606554;u?https://whus.onelink.me/F35S?pid=viacomcbs&utm... HTTP 302
    https://whus.onelink.me/F35S?pid=viacomcbs&utm_source=viacomcbs&af_prt=viacomcbs&af_ad=[VGUID]&utm_b... HTTP 302
    https://www.williamhill.com/us/nj/welcome/cbs/?af_c_id=GAMESPORT&pid=viacomcbs&dclid=CP_qy9fq5O0CFVb1dwo... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

1
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

1
IPs

1
Countries

1 kB
Transfer

1 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure-web.cisco.com/1gbrpYoFKYrm05vcmBhZ7IdyQ8tHq5PbePAZ3uSeiaxwcCQpQ4q6mnKs_Onlcx3YP2SoDKnJWbLacJ__qPUHZz_t6r9CN6bKNg0XJcJvtZTVxiM_l6RLN3BpkADS5GxqtvYMc7eljORXCe0XPBoPGAT1PbPsqXL58dH5DlqeksJqKKXuD3nRgh6yBQgmx89AtAHhlr6GTP1-lMzgRKyq_lid23Ho8GjthahHOkNQtUGynt4JguPETVBCl3PYn41LGISGK7UBehVFPlHVBIBwlVe3m_HzATXOS7zPTdKlxB9IBDsSEweyOAIdDQgVQ06EW2yy0OJWsPt-x4u3-GoEgF1wQjnSKFV_RcEe2lHqvTRhToYQ02WrQhqJR9tZU2NTneCdpNTocAYStn3teRBR2weEIaWx6T1FtOOPwOBdXlxzJIdcYmg5spQcOWhn5mkTQ8O_EeSIJLEGDr8uM63gc9mOat-ixBm1blJbZbgevhefvKAv5r4Q-4aCaMJ4zhx_re2rUSgqIWxHJ7RQI1psqRw/https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fclk%2F474696742%3B280606554%3Bu%3Fhttps%3A%2F%2Fwhus.onelink.me%2FF35S%3Fpid%3Dviacomcbs%26utm_source%3Dviacomcbs%26af_prt%3Dviacomcbs%26af_ad%3D%5BVGUID%5D%26utm_banner%3D%5BVGUID%5D%26ar%3Dcbssobv1111%26c%3Dcbssobv1111%26utm_campaign%3Demail%26af_channel%3Demail%26utm_medium%3Demail%26af_c_id%3DGAMESPORT%26utm_offer%3DGAMESPORT%26bc%3DGAMESPORT%26sport%3Dgolf%26league%3Dpga%26zone%3Dcbss%26af_click%3D30d HTTP 302
    https://ad.doubleclick.net/ddm/clk/474696742;280606554;u?https://whus.onelink.me/F35S?pid=viacomcbs&utm_source=viacomcbs&af_prt=viacomcbs&af_ad=[VGUID]&utm_banner=[VGUID]&ar=cbssobv1111&c=cbssobv1111&utm_campaign=email&af_channel=email&utm_medium=email&af_c_id=GAMESPORT&utm_offer=GAMESPORT&bc=GAMESPORT&sport=golf&league=pga&zone=cbss&af_click=30d HTTP 302
    https://whus.onelink.me/F35S?pid=viacomcbs&utm_source=viacomcbs&af_prt=viacomcbs&af_ad=[VGUID]&utm_banner=[VGUID]&ar=cbssobv1111&c=cbssobv1111&utm_campaign=email&af_channel=email&utm_medium=email&af_c_id=GAMESPORT&utm_offer=GAMESPORT&bc=GAMESPORT&sport=golf&league=pga&zone=cbss&af_click=30d&dclid=CP_qy9fq5O0CFVb1dwodKOgI6g HTTP 302
    https://www.williamhill.com/us/nj/welcome/cbs/?af_c_id=GAMESPORT&pid=viacomcbs&dclid=CP_qy9fq5O0CFVb1dwodKOgI6g&sport=golf&af_prt=viacomcbs&utm_source=viacomcbs&utm_medium=email&af_ad=[VGUID]&utm_campaign=email&zone=cbss&af_channel=email&bc=GAMESPORT&af_click=30d&ar=cbssobv1111&league=pga&utm_banner=[VGUID]&c=cbssobv1111&utm_offer=GAMESPORT Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.williamhill.com/us/nj/welcome/cbs/
Redirect Chain
  • https://secure-web.cisco.com/1gbrpYoFKYrm05vcmBhZ7IdyQ8tHq5PbePAZ3uSeiaxwcCQpQ4q6mnKs_Onlcx3YP2SoDKnJWbLacJ__qPUHZz_t6r9CN6bKNg0XJcJvtZTVxiM_l6RLN3BpkADS5GxqtvYMc7eljORXCe0XPBoPGAT1PbPsqXL58dH5Dlqe...
  • https://ad.doubleclick.net/ddm/clk/474696742;280606554;u?https://whus.onelink.me/F35S?pid=viacomcbs&utm_source=viacomcbs&af_prt=viacomcbs&af_ad=[VGUID]&utm_banner=[VGUID]&ar=cbssobv1111&c=cbssobv11...
  • https://whus.onelink.me/F35S?pid=viacomcbs&utm_source=viacomcbs&af_prt=viacomcbs&af_ad=[VGUID]&utm_banner=[VGUID]&ar=cbssobv1111&c=cbssobv1111&utm_campaign=email&af_channel=email&utm_medium=email&a...
  • https://www.williamhill.com/us/nj/welcome/cbs/?af_c_id=GAMESPORT&pid=viacomcbs&dclid=CP_qy9fq5O0CFVb1dwodKOgI6g&sport=golf&af_prt=viacomcbs&utm_source=viacomcbs&utm_medium=email&af_ad=[VGUID]&utm_c...
919 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.williamhill.com/us/nj/welcome/cbs/?af_c_id=GAMESPORT&pid=viacomcbs&dclid=CP_qy9fq5O0CFVb1dwodKOgI6g&sport=golf&af_prt=viacomcbs&utm_source=viacomcbs&utm_medium=email&af_ad=[VGUID]&utm_campaign=email&zone=cbss&af_channel=email&bc=GAMESPORT&af_click=30d&ar=cbssobv1111&league=pga&utm_banner=[VGUID]&c=cbssobv1111&utm_offer=GAMESPORT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.240.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-240-54.ams50.r.cloudfront.net
Software
CloudFront /
Resource Hash
79426b07d5ed98a8b9a6ef6d083a9660e4ce0702f7a8c084f1d101543a1c2c6a

Request headers

:method
GET
:authority
www.williamhill.com
:scheme
https
:path
/us/nj/welcome/cbs/?af_c_id=GAMESPORT&pid=viacomcbs&dclid=CP_qy9fq5O0CFVb1dwodKOgI6g&sport=golf&af_prt=viacomcbs&utm_source=viacomcbs&utm_medium=email&af_ad=[VGUID]&utm_campaign=email&zone=cbss&af_channel=email&bc=GAMESPORT&af_click=30d&ar=cbssobv1111&league=pga&utm_banner=[VGUID]&c=cbssobv1111&utm_offer=GAMESPORT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
CloudFront
date
Wed, 23 Dec 2020 19:26:28 GMT
content-type
text/html
content-length
919
x-cache
Error from cloudfront
via
1.1 5345148f0ba8ae3c67b69d035acdbfc5.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
-P9tplsJM9PGPK0bPwDEpT9oEiGNU8mwYpjJksXdjRWKH4egznlb1A==

Redirect headers

content-type
application/octet-stream
content-length
0
location
https://www.williamhill.com/us/nj/welcome/cbs/?af_c_id=GAMESPORT&pid=viacomcbs&dclid=CP_qy9fq5O0CFVb1dwodKOgI6g&sport=golf&af_prt=viacomcbs&utm_source=viacomcbs&utm_medium=email&af_ad=[VGUID]&utm_campaign=email&zone=cbss&af_channel=email&bc=GAMESPORT&af_click=30d&ar=cbssobv1111&league=pga&utm_banner=[VGUID]&c=cbssobv1111&utm_offer=GAMESPORT
date
Wed, 23 Dec 2020 19:26:28 GMT
server
http-kit
set-cookie
af_id=f8ea91ca-764d-4d56-9b86-6df73da3882f-o;Expires=Fri, 23 Dec 2022 19:26:28 +0000;Domain=onelink.me;Path=/;Secure;SameSite=None
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
via
1.1 63cf97e5788a160a76e89d4e12e2ca29.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
UT0__BFrIJDkpHKRaaAFnkfwhCRPlk-KmApz4BoIE5tAIwvFnhtJag==

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
secure-web.cisco.com
whus.onelink.me
www.williamhill.com
13.32.240.103
13.32.240.54
216.58.208.38
2620:101:2002:11f0::1001
79426b07d5ed98a8b9a6ef6d083a9660e4ce0702f7a8c084f1d101543a1c2c6a