cas.noodles.tools
34.142.161.3
Public Scan
Effective URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F
Submission: On January 05 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on October 25th 2023. Valid for: 3 months.
This is the only time cas.noodles.tools was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
1 1 | 47.236.131.235 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.) |
1 | 34.142.161.3 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 | 118.31.219.216 | 37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) |
2 | 18.173.242.138 | 16509 (AMAZON-02) |
1 | 185.23.181.26 | 138915 (KAOPU-HK Kaopu Cloud HK Limited) |
5 | 4 |
- ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
  - x2.x1.mng.ohstore.xyz
- ASN396982 (GOOGLE-CLOUD-PLATFORM, US), PTR: 3.161.142.34.bc.googleusercontent.com
  - cas.noodles.tools
- ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
  - handwork-dev.oss-cn-hangzhou.aliyuncs.com
- ASN16509 (AMAZON-02, US), PTR: server-18-173-242-138.jfk52.r.cloudfront.net
  - dm05xir8r86ek.cloudfront.net
- ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
  - cdn.bootcdn.net
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | cloudfront.net | dm05xir8r86ek.cloudfront.net | 304 KB |
1 | bootcdn.net | cdn.bootcdn.net (Cisco Umbrella Rank: 91208) | 13 KB |
1 | aliyuncs.com | handwork-dev.oss-cn-hangzhou.aliyuncs.com | 52 KB |
1 | noodles.tools | cas.noodles.tools | 3 KB |
1 | ohstore.xyz (1 redirects) | x2.x1.mng.ohstore.xyz | 126 B |
5 | 5 |
Count | Domain | Requested by |
---|---|---|
2 | dm05xir8r86ek.cloudfront.net | cas.noodles.tools |
1 | cdn.bootcdn.net | cas.noodles.tools |
1 | handwork-dev.oss-cn-hangzhou.aliyuncs.com | cas.noodles.tools |
1 | cas.noodles.tools | |
1 | x2.x1.mng.ohstore.xyz | 1 redirects |
5 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
cas.noodles.tools | R3 | 2023-10-25 - 2024-01-23 | 3 months |
*.oss-cn-hangzhou.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-07-07 - 2024-03-18 | 8 months |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
*.bootcss.com | Sectigo RSA Domain Validation Secure Server CA | 2024-01-03 - 2025-02-02 | a year |
This page contains 1 frames:
Primary Page:
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F
Frame ID: 92DB93F70422532DCDF514C9407AF353
Requests: 5 HTTP requests in this frame
Page Title
MFA-CAS
Page URL History
- https://x2.x1.mng.ohstore.xyz/ (HTTP 302)
- https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx2.x1.mng.ohstore.xyz%2F (Page URL)
Detected technologies
Ant Design (JavaScript Frameworks)
Detected patterns
- <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
Axios (JavaScript libraries)
Detected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
FingerprintJS (JavaScript libraries)
Detected patterns
- fingerprint(\d)?(?:\.min)?\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | mfa.html (Primary Request, Redirect Chain) | cas.noodles.tools/ | 10 KB | 3 KB | Document | text/html |
GET | H/1.1 | default.png | handwork-dev.oss-cn-hangzhou.aliyuncs.com/ | 52 KB | 52 KB | Image | image/png |
GET | H2 | fingerprint2.min.js | dm05xir8r86ek.cloudfront.net/libs/ | 30 KB | 11 KB | Script | application/javascript |
GET | H2 | axios.min.js | cdn.bootcdn.net/ajax/libs/axios/1.3.6/ | 31 KB | 13 KB | Script | text/javascript |
GET | H2 | bg.jpeg | dm05xir8r86ek.cloudfront.net/admin/ | 292 KB | 293 KB | Image | image/jpeg |
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- boolean| coverSupport
- function| Fingerprint2
- function| axios
- function| getQueryParam
- function| getQrCode

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.