urlscan.io logo urlscan.io
SecurityTrails logo

cas.noodles.tools Open in urlscan Pro
34.142.161.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://x2.x1.mng.ohstore.xyz/
Effective URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F
Submission: On January 05 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 5 HTTP transactions. The main IP is 34.142.161.3, located in Singapore, Singapore and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is cas.noodles.tools.
TLS certificate: Issued by R3 on October 25th 2023. Valid for: 3 months.
This is the only time cas.noodles.tools was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 47.236.131.235 45102 (ALIBABA-C...)
1 34.142.161.3 396982 (GOOGLE-CL...)
1 118.31.219.216 37963 (ALIBABA-C...)
2 18.173.242.138 16509 (AMAZON-02)
1 185.23.181.26 138915 (KAOPU-HK ...)
5 4
1    47.236.131.235 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
x2.x1.mng.ohstore.xyz
1    34.142.161.3 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.161.142.34.bc.googleusercontent.com
cas.noodles.tools
1    118.31.219.216 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
handwork-dev.oss-cn-hangzhou.aliyuncs.com
2    18.173.242.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-242-138.jfk52.r.cloudfront.net
dm05xir8r86ek.cloudfront.net
1    185.23.181.26 (Frankfurt am Main, Germany)

ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
cdn.bootcdn.net
Domain Requested by
2 dm05xir8r86ek.cloudfront.net cas.noodles.tools
1 cdn.bootcdn.net cas.noodles.tools
1 handwork-dev.oss-cn-hangzhou.aliyuncs.com cas.noodles.tools
1 cas.noodles.tools
1 x2.x1.mng.ohstore.xyz 1 redirects
5 5

This site contains no links.

Subject Issuer Validity Valid
cas.noodles.tools
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.oss-cn-hangzhou.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G3		 2023-07-07 -
2024-03-18		 8 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.bootcss.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-03 -
2025-02-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F
Frame ID: 92DB93F70422532DCDF514C9407AF353
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MFA-CAS

Page URL History Show full URLs

  1. https://x2.x1.mng.ohstore.xyz/ HTTP 302
    https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

372 kB
Transfer

415 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://x2.x1.mng.ohstore.xyz/ HTTP 302
    https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mfa.html
cas.noodles.tools/
Redirect Chain
  • https://x2.x1.mng.ohstore.xyz/
  • https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.142.161.3 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.161.142.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2499b46b5d8e40c4f712826dbb961f1942d0ec0e555858eeb4e58f034b60ab4b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type
content-encoding
gzip
content-language
en-US
content-type
text/html;charset=UTF-8
date
Fri, 05 Jan 2024 14:11:14 GMT
server
nginx/1.20.1
vary
Accept-Encoding

Redirect headers

content-length
142
content-type
text/html
date
Fri, 05 Jan 2024 14:11:13 GMT
location
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F
server
openresty
default.png
handwork-dev.oss-cn-hangzhou.aliyuncs.com/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://handwork-dev.oss-cn-hangzhou.aliyuncs.com/default.png
Requested by
Host: cas.noodles.tools
URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.31.219.216 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
0ab4f0ce28c20e2f7bc319bcf6be816ff345422d82ea51001ec666833a921f25

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cas.noodles.tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 14:11:16 GMT
x-oss-request-id
65980E04A0BE373231CC106A
Content-MD5
fWnTBrcjgdlqeV2f/DpDKQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
52873
x-oss-object-type
Normal
Last-Modified
Thu, 10 Aug 2023 08:20:36 GMT
Server
AliyunOSS
x-oss-server-side-encryption
AES256
ETag
"7D69D306B72381D96A795D9FFC3A4329"
Content-Type
image/png
x-oss-ec
0048-00000105
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
2995373396559353526
x-oss-server-time
28
fingerprint2.min.js
dm05xir8r86ek.cloudfront.net/libs/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dm05xir8r86ek.cloudfront.net/libs/fingerprint2.min.js
Requested by
Host: cas.noodles.tools
URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.242.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-242-138.jfk52.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
b0efe3481b4a288a839d2593e51113b8e402c4ada44b812d7527efb077dbd4d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cas.noodles.tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 08:57:02 GMT
content-encoding
br
via
1.1 d256d517610f633eae85f1fada59368e.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 13:53:30 GMT
server
nginx/1.22.1
x-amz-cf-pop
JFK52-P1
age
18852
etag
W/"64d39a5a-781f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
MS40ODDgtOMcdIjjxqPhjywvk1rpQItbdVlFyL5V_eVJtD66E6Zd9g==
axios.min.js
cdn.bootcdn.net/ajax/libs/axios/1.3.6/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/axios/1.3.6/axios.min.js
Requested by
Host: cas.noodles.tools
URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.23.181.26 Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
02a56cdba3c6159a73d7166a2389089a87230db84d71fa55fa89ec8699c66266

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cas.noodles.tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:11:17 GMT
content-encoding
gzip
server
nginx
etag
W/"7bcf-neUOzBgGDeZIl5dvY31f//nEtOY"
access-control-max-age
1800
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser
BC171_lt-shandong-jinan-15-cache-1, BC32_US-Michigan-chieago-1-cache-1, BC26_DE-Frankfurt-Frankfurt-7-cache-2
bg.jpeg
dm05xir8r86ek.cloudfront.net/admin/ 		292 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm05xir8r86ek.cloudfront.net/admin/bg.jpeg
Requested by
Host: cas.noodles.tools
URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.242.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-242-138.jfk52.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
6a4070444d2c3e363197c66aebfd3d8edd4c387d8bdd1f779e3e9d7a75d8b933

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cas.noodles.tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 08:57:02 GMT
via
1.1 d256d517610f633eae85f1fada59368e.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jul 2023 14:15:37 GMT
server
nginx/1.22.1
x-amz-cf-pop
JFK52-P1
age
18852
etag
"64ad6409-4901c"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
299036
x-amz-cf-id
KvRYEiLj_m5nNi5FEH-_1KvvT4m0ZVfmilp5TlzHuV1NYeyPvMeCrQ==

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture boolean| coverSupport function| Fingerprint2 function| axios function| getQueryParam function| getQrCode

0 Cookies