valleyoboffice.com
2606:4700:3034::ac43:c9f8
Public Scan
Effective URL: https://valleyoboffice.com/page/Page_view/NP_Job
Submission Tags: phishing malicious
Submission: On March 10 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 12th 2020. Valid for: a year.
This is the only time valleyoboffice.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 34.223.134.247 | 16509 (AMAZON-02) |
18 | 2606:4700:3034::ac43:c9f8 | 13335 (CLOUDFLARENET) |
3 | 2606:4700::6810:125e | 13335 (CLOUDFLARENET) |
21 | 2 | |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-134-247.us-west-2.compute.amazonaws.com
mailwizz.valltalk.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | valleyoboffice.com | valleyoboffice.com | 276 KB |
3 | cloudflare.com | cdnjs.cloudflare.com | 37 KB |
1 | valltalk.com (1 redirects) | mailwizz.valltalk.com | 510 B |
21 | 3 | | |
 | Domain | Requested by |
---|---|---|
18 | valleyoboffice.com | valleyoboffice.com |
3 | cdnjs.cloudflare.com | valleyoboffice.com |
1 | mailwizz.valltalk.com | 1 redirects |
21 | 3 | |
This site contains links to these domains.
Domain |
---|
valleyobcare.com |
www.visittemeculavalley.com |
www.temeculawines.org |
visitcarlsbad.com |
visitoceanside.org |
www.cityofmenifee.us |
exploremurrieta.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-12-12 - 2021-12-11 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://valleyoboffice.com/page/Page_view/NP_Job
Frame ID: E81F48308CA519262924061263ACA3E2
Requests: 21 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries)
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: www.ValleyOBcare.com
Title: https://www.visittemeculavalley.com/
Title: http://www.temeculawines.org/
Title: http://visitcarlsbad.com/
Title: https://visitoceanside.org/
Title: https://www.cityofmenifee.us/
Title: http://www.murrietaca.gov/default.asp
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mailwizz.valltalk.com/latest/index.php/campaigns/ab396e0okke96/track-url/gk2984axftefb/84ff6e536f8674e82f49ec5f25a5fd34dc3240bc
HTTP 301
https://valleyoboffice.com/page/Page_view/NP_Job Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | NP_Job (Primary Request) | valleyoboffice.com/page/Page_view/ (Redirect Chain) | 6 KB | 3 KB | Document | text/html |
GET H2 | bootstrap.min.css | valleyoboffice.com/page/assets/plugins/bootstrap/css/ | 95 KB | 15 KB | Stylesheet | text/css |
GET H2 | uniform.default.css | valleyoboffice.com/page/assets/plugins/uniform/css/ | 11 KB | 2 KB | Stylesheet | text/css |
GET H2 | datepicker.css | valleyoboffice.com/page/assets/plugins/bootstrap-datepicker/css/ | 17 KB | 2 KB | Stylesheet | text/css |
GET H2 | select2_metro.css | valleyoboffice.com/page/assets/plugins/select2/ | 13 KB | 3 KB | Stylesheet | text/css |
GET H2 | style-metronic.css | valleyoboffice.com/page/assets/css/ | 27 KB | 5 KB | Stylesheet | text/css |
GET H2 | style.css | valleyoboffice.com/page/assets/css/ | 81 KB | 14 KB | Stylesheet | text/css |
GET H2 | style.css | valleyoboffice.com/page/assets/css/style/ | 4 KB | 2 KB | Stylesheet | text/css |
GET H2 | sweetalert.css | valleyoboffice.com/page/assets/css/ | 22 KB | 4 KB | Stylesheet | text/css |
GET H2 | style-responsive.css | valleyoboffice.com/page/assets/css/ | 10 KB | 2 KB | Stylesheet | text/css |
GET H2 | plugins.css | valleyoboffice.com/page/assets/css/ | 21 KB | 4 KB | Stylesheet | text/css |
GET H2 | custom.css | valleyoboffice.com/page/assets/css/ | 136 B | 425 B | Stylesheet | text/css |
GET H2 | font-awesome.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/ | 26 KB | 5 KB | Stylesheet | text/css |
GET H2 | ckeditor.js | valleyoboffice.com/page/assets/ckeditor/ | 552 KB | 152 KB | Script | application/javascript |
GET H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.2.0/ | 85 KB | 27 KB | Script | application/javascript |
GET H2 | sweetalert.min.js | cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/ | 17 KB | 5 KB | Script | application/javascript |
GET H2 | email-decode.min.js | valleyoboffice.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script | application/javascript |
GET H2 | font.css | valleyoboffice.com/page/assets/fonts/ | 902 B | 658 B | Stylesheet | text/css |
GET H2 | cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff | valleyoboffice.com/page/assets/fonts/ | 21 KB | 22 KB | Font | font/woff |
GET H2 | k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff | valleyoboffice.com/page/assets/fonts/ | 22 KB | 23 KB | Font | font/woff |
GET H2 | DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff | valleyoboffice.com/page/assets/fonts/ | 22 KB | 22 KB | Font | font/woff |
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
object| CKEDITOR
function| $
function| jQuery
function| swal
function| sweetAlert
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
valleyoboffice.com/ | | Name: ci_session Value: 65e80e60a6a742ba14151992f5c3d20cda156a85 |
valleyoboffice.com/ | | Name: csrf_cookie_name Value: cc1b414c6b8568ba0b4179684acac009 |
.valleyoboffice.com/ | | Name: __cfduid Value: dbcc52859e6682adfc2c861d98752bfe41615389097 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
mailwizz.valltalk.com
valleyoboffice.com
2606:4700:3034::ac43:c9f8
2606:4700::6810:125e
34.223.134.247