www.preview.marketplace.team
Open in
urlscan Pro
52.51.114.195
Malicious Activity!
Public Scan
Effective URL: https://www.preview.marketplace.team/privacy-notice
Submission: On March 19 via api from US — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on February 16th 2024. Valid for: a year.
This is the only time www.preview.marketplace.team was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UK Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 52.19.133.225 52.19.133.225 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 52.51.114.195 52.51.114.195 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 1 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-133-225.eu-west-1.compute.amazonaws.com
www.preview.marketplace.team |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-114-195.eu-west-1.compute.amazonaws.com
www.preview.marketplace.team |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
marketplace.team
1 redirects
www.preview.marketplace.team |
170 KB |
6 | 1 |
Domain | Requested by | |
---|---|---|
7 | www.preview.marketplace.team |
1 redirects
www.preview.marketplace.team
|
6 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.gov.uk |
ico.org.uk |
www.privacyshield.gov |
www.nationalarchives.gov.uk |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.preview.marketplace.team Amazon RSA 2048 M02 |
2024-02-16 - 2025-03-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.preview.marketplace.team/privacy-notice
Frame ID: EDC408189AB3A3EAD8D66C2C970CC4E1
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
How we use your data (privacy notice) - Digital MarketplacePage URL History Show full URLs
-
http://www.preview.marketplace.team/privacy-notice
HTTP 301
https://www.preview.marketplace.team/privacy-notice Page URL
Detected technologies
GOV.UK Frontend (UI frameworks) ExpandDetected patterns
- <body[^>]+govuk-template__body
- <a[^>]+govuk-link
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: Guidance
Search URL Search Domain Scan URL
Title: Cabinet Office’s entry in the Data Protection Public Register for more information
Search URL Search Domain Scan URL
Title: Article 6 of The General Data Protection Regulation (GDPR)
Search URL Search Domain Scan URL
Title: US Privacy Shield scheme
Search URL Search Domain Scan URL
Title: we only process your data in certain circumstances
Search URL Search Domain Scan URL
Title: subject access request
Search URL Search Domain Scan URL
Title: Services you can buy
Search URL Search Domain Scan URL
Title: Services you can sell
Search URL Search Domain Scan URL
Title: About Crown Commercial Services
Search URL Search Domain Scan URL
Title: About Government Digital Services
Search URL Search Domain Scan URL
Title: Applying to sell on the G-Cloud framework
Search URL Search Domain Scan URL
Title: Applying to sell on the DOS framework
Search URL Search Domain Scan URL
Title: Responding to buyer requirements on the DOS framework
Search URL Search Domain Scan URL
Title: Buying on the G-Cloud framework
Search URL Search Domain Scan URL
Title: Buying on the DOS framework
Search URL Search Domain Scan URL
Title: Buying on the Crown Hosting framework
Search URL Search Domain Scan URL
Title: Open Government Licence v3.0
Search URL Search Domain Scan URL
Title: © Crown copyright
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.preview.marketplace.team/privacy-notice
HTTP 301
https://www.preview.marketplace.team/privacy-notice Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
privacy-notice
www.preview.marketplace.team/ Redirect Chain
|
26 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application.css
www.preview.marketplace.team/static/stylesheets/ |
134 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application.js
www.preview.marketplace.team/static/javascripts/ |
148 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
govuk-crest.png
www.preview.marketplace.team/static/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-94a07e06a1-v2.woff2
www.preview.marketplace.team/static/fonts/ |
33 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bold-b542beb274-v2.woff2
www.preview.marketplace.team/static/fonts/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UK Government (Government)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| _typeof function| $ function| jQuery object| GOVUKFrontend object| DMGOVUKFrontend boolean| ga-disable-UA-49258698-12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.preview.marketplace.team/ | Name: dm_cookie_probe Value: yum |
|
.preview.marketplace.team/ | Name: dm_session Value: c90103cf-b416-480e-bb0a-fa39b9224ee9.V336jyn614kRdzJFsqIJsQudym8 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.preview.marketplace.team
52.19.133.225
52.51.114.195
06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
574b64d16096a74865b75a81e16ba08199968b647002b95de7c35ce77bc22cb8
68e646c3550623c658d1d6cbeaf6a086f269fbfbecc4f7f8e10d010f528256cb
b1d815c2c53c231141bd27e05f8f37dfe6fb0a41e3272ea492c46d6b939ba9ec
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0