www.preview.marketplace.team

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 52.51.114.195, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.preview.marketplace.team.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 16th 2024. Valid for: a year.

This is the only time www.preview.marketplace.team was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UK Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.19.133.225 52.19.133.225	16509 (AMAZON-02) (AMAZON-02)
6	52.51.114.195 52.51.114.195	16509 (AMAZON-02) (AMAZON-02)
6	1

1 52.19.133.225 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-133-225.eu-west-1.compute.amazonaws.com

www.preview.marketplace.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.51.114.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-114-195.eu-west-1.compute.amazonaws.com

www.preview.marketplace.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	marketplace.team 1 redirects www.preview.marketplace.team	170 KB
6	1

	Domain	Requested by
7	www.preview.marketplace.team	1 redirects www.preview.marketplace.team
6	1

This site contains links to these domains. Also see Links.

Domain
www.gov.uk
ico.org.uk
www.privacyshield.gov
www.nationalarchives.gov.uk

Subject Issuer	Validity	Valid
www.preview.marketplace.team Amazon RSA 2048 M02	`2024-02-16` - `2025-03-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.preview.marketplace.team/privacy-notice
Frame ID: EDC408189AB3A3EAD8D66C2C970CC4E1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How we use your data (privacy notice) - Digital Marketplace

Page URL History Show full URLs

http://www.preview.marketplace.team/privacy-notice HTTP 301
https://www.preview.marketplace.team/privacy-notice Page URL

Detected technologies

GOV.UK Frontend (UI frameworks) Expand

Overall confidence: 80%
Detected patterns

<body[^>]+govuk-template__body
<a[^>]+govuk-link

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

170 kB
Transfer

375 kB
Size

2
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gov.uk/guidance/buying-and-selling-on-the-digital-marketplace
Title: Guidance

Search URL Search Domain Scan URL

URL: https://ico.org.uk/ESDWebPages/Entry/Z7414053
Title: Cabinet Office’s entry in the Data Protection Public Register for more information

Search URL Search Domain Scan URL

URL: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/
Title: Article 6 of The General Data Protection Regulation (GDPR)

Search URL Search Domain Scan URL

URL: https://www.privacyshield.gov/welcome
Title: US Privacy Shield scheme

Search URL Search Domain Scan URL

URL: https://ico.org.uk/your-data-matters/your-right-to-limit-how-organisations-use-your-data/
Title: we only process your data in certain circumstances

Search URL Search Domain Scan URL

URL: https://ico.org.uk/your-data-matters/your-right-of-access/
Title: subject access request

Search URL Search Domain Scan URL

URL: https://www.gov.uk/guidance/digital-marketplace-buyers-guide
Title: Services you can buy

Search URL Search Domain Scan URL

URL: https://www.gov.uk/guidance/digital-marketplace-suppliers-guide
Title: Services you can sell

Search URL Search Domain Scan URL

URL: https://www.gov.uk/government/organisations/crown-commercial-service
Title: About Crown Commercial Services

Search URL Search Domain Scan URL

URL: https://www.gov.uk/government/organisations/government-digital-service
Title: About Government Digital Services

Search URL Search Domain Scan URL

URL: https://www.gov.uk/guidance/g-cloud-suppliers-guide
Title: Applying to sell on the G-Cloud framework

Search URL Search Domain Scan URL

URL: https://www.gov.uk/guidance/how-to-apply-to-sell-on-the-digital-outcomes-framework
Title: Applying to sell on the DOS framework

Search URL Search Domain Scan URL

URL: https://www.gov.uk/guidance/how-to-sell-your-digital-outcomes-and-specialists-services
Title: Responding to buyer requirements on the DOS framework

Search URL Search Domain Scan URL

URL: https://www.gov.uk/guidance/g-cloud-buyers-guide
Title: Buying on the G-Cloud framework

Search URL Search Domain Scan URL

URL: https://www.gov.uk/guidance/digital-outcomes-and-specialists-buyers-guide
Title: Buying on the DOS framework

Search URL Search Domain Scan URL

URL: https://www.gov.uk/guidance/the-crown-hosting-data-centres-framework-on-the-digital-marketplace
Title: Buying on the Crown Hosting framework

Search URL Search Domain Scan URL

URL: https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/
Title: Open Government Licence v3.0

Search URL Search Domain Scan URL

URL: https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-government-licensing-framework/crown-copyright/
Title: © Crown copyright

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.preview.marketplace.team/privacy-notice HTTP 301
https://www.preview.marketplace.team/privacy-notice Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request privacy-notice Show response
www.preview.marketplace.team/
Redirect Chain

http://www.preview.marketplace.team/privacy-notice
https://www.preview.marketplace.team/privacy-notice

26 KB
27 KB

420ms
214ms

Document
text/html

52.51.114.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.preview.marketplace.team/privacy-notice

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.114.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-114-195.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

574b64d16096a74865b75a81e16ba08199968b647002b95de7c35ce77bc22cb8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 26995
content-type: text/html; charset=utf-8
date: Tue, 19 Mar 2024 23:20:35 GMT
dm-request-id: af2ccd74af1882d2c1e39f3a895b105c
server: nginx
x-b3-spanid: None
x-b3-traceid: af2ccd74af1882d2c1e39f3a895b105c
x-frame-options: DENY

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Tue, 19 Mar 2024 23:20:35 GMT
Location: https://www.preview.marketplace.team:443/privacy-notice
Server: awselb/2.0

GET
H2 200 application.css
www.preview.marketplace.team/static/stylesheets/ 134 KB
22 KB 106ms
104ms Stylesheet
text/css 52.51.114.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.preview.marketplace.team/static/stylesheets/application.css?b8fc9e243718bb5e4d37684da19633d8
Requested by: Host: www.preview.marketplace.team
URL: https://www.preview.marketplace.team/privacy-notice
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.114.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-114-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 68e646c3550623c658d1d6cbeaf6a086f269fbfbecc4f7f8e10d010f528256cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.preview.marketplace.team/privacy-notice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 23:20:35 GMT
cache-control: public, max-age=86400
content-encoding: gzip
last-modified: Thu, 08 Feb 2024 11:43:33 GMT
server: nginx
etag: W/"65c4be65-2193c"
content-type: text/css

GET
H2 200 application.js Show response
www.preview.marketplace.team/static/javascripts/ 148 KB
54 KB 106ms
105ms Script
application/javascript 52.51.114.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.preview.marketplace.team/static/javascripts/application.js?ab99cb7590cd3e04a2381a622d7cb0fc
Requested by: Host: www.preview.marketplace.team
URL: https://www.preview.marketplace.team/privacy-notice
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.114.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-114-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1d815c2c53c231141bd27e05f8f37dfe6fb0a41e3272ea492c46d6b939ba9ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.preview.marketplace.team/privacy-notice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 23:20:35 GMT
cache-control: public, max-age=86400
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 14:57:04 GMT
server: nginx
etag: W/"65a69940-24e75"
content-type: application/javascript; charset=utf-8

GET
H2 200 govuk-crest.png
www.preview.marketplace.team/static/images/ 4 KB
4 KB 192ms
191ms Image
image/png 52.51.114.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.preview.marketplace.team/static/images/govuk-crest.png
Requested by: Host: www.preview.marketplace.team
URL: https://www.preview.marketplace.team/static/stylesheets/application.css?b8fc9e243718bb5e4d37684da19633d8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.114.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-114-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.preview.marketplace.team/static/stylesheets/application.css?b8fc9e243718bb5e4d37684da19633d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 23:20:36 GMT
last-modified: Thu, 08 Feb 2024 11:43:24 GMT
server: nginx
etag: "65c4be5c-e00"
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 3584

GET
H2 200 light-94a07e06a1-v2.woff2
www.preview.marketplace.team/static/fonts/ 33 KB
33 KB 106ms
105ms Font
font/woff2 52.51.114.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.preview.marketplace.team/static/fonts/light-94a07e06a1-v2.woff2
Requested by: Host: www.preview.marketplace.team
URL: https://www.preview.marketplace.team/static/stylesheets/application.css?b8fc9e243718bb5e4d37684da19633d8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.114.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-114-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0

Request headers

Referer: https://www.preview.marketplace.team/static/stylesheets/application.css?b8fc9e243718bb5e4d37684da19633d8
Origin: https://www.preview.marketplace.team
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 23:20:36 GMT
last-modified: Thu, 08 Feb 2024 11:43:24 GMT
server: nginx
etag: "65c4be5c-8266"
content-type: font/woff2
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 33382

GET
H2 200 bold-b542beb274-v2.woff2
www.preview.marketplace.team/static/fonts/ 31 KB
31 KB 190ms
190ms Font
font/woff2 52.51.114.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.preview.marketplace.team/static/fonts/bold-b542beb274-v2.woff2
Requested by: Host: www.preview.marketplace.team
URL: https://www.preview.marketplace.team/static/stylesheets/application.css?b8fc9e243718bb5e4d37684da19633d8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.114.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-114-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47

Request headers

Referer: https://www.preview.marketplace.team/static/stylesheets/application.css?b8fc9e243718bb5e4d37684da19633d8
Origin: https://www.preview.marketplace.team
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 23:20:36 GMT
last-modified: Thu, 08 Feb 2024 11:43:24 GMT
server: nginx
etag: "65c4be5c-7af8"
content-type: font/woff2
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 31480

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.preview.marketplace.team/	1970-01-21 04:00:26	Name: dm_cookie_probe Value: yum
			.preview.marketplace.team/	1970-01-20 19:14:54	Name: dm_session Value: c90103cf-b416-480e-bb0a-fa39b9224ee9.V336jyn614kRdzJFsqIJsQudym8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.preview.marketplace.team
52.19.133.225
52.51.114.195
06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
574b64d16096a74865b75a81e16ba08199968b647002b95de7c35ce77bc22cb8
68e646c3550623c658d1d6cbeaf6a086f269fbfbecc4f7f8e10d010f528256cb
b1d815c2c53c231141bd27e05f8f37dfe6fb0a41e3272ea492c46d6b939ba9ec
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0

www.preview.marketplace.team Open in urlscan Pro 52.51.114.195 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

170 kBTransfer

375 kBSize

2 Cookies

18 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

www.preview.marketplace.team Open in urlscan Pro
52.51.114.195 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

170 kB
Transfer

375 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!