cas.noodles.tools
34.142.161.3
Public Scan
Effective URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
Submission: On April 17 via api from US — Scanned from SG
Summary
TLS certificate: Issued by R3 on February 7th 2024. Valid for: 3 months.
This is the only time cas.noodles.tools was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
1 1 | 47.236.131.235 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.) |
2 | 34.142.161.3 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 | 118.31.219.201 | 37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) |
2 | 13.225.0.128 | 16509 (AMAZON-02) |
1 | 104.18.54.56 | 13335 (CLOUDFLARENET) |
6 | 4 | |
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
- x5.x1.mng.ohstore.xyz
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
- PTR: 3.161.142.34.bc.googleusercontent.com
- cas.noodles.tools
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
- handwork-dev.oss-cn-hangzhou.aliyuncs.com
ASN16509 (AMAZON-02, US)
- PTR: server-13-225-0-128.sin52.r.cloudfront.net
- dm05xir8r86ek.cloudfront.net
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | cloudfront.net | dm05xir8r86ek.cloudfront.net | 304 KB |
2 | noodles.tools | cas.noodles.tools | 4 KB |
1 | bootcdn.net | cdn.bootcdn.net — Cisco Umbrella Rank: 111831 | 13 KB |
1 | aliyuncs.com | handwork-dev.oss-cn-hangzhou.aliyuncs.com | 52 KB |
1 | ohstore.xyz (1 redirects) | x5.x1.mng.ohstore.xyz | 126 B |
6 | 5 | | |
Count | Domain | Requested by |
---|---|---|
2 | dm05xir8r86ek.cloudfront.net | cas.noodles.tools |
2 | cas.noodles.tools | |
1 | cdn.bootcdn.net | cas.noodles.tools |
1 | handwork-dev.oss-cn-hangzhou.aliyuncs.com | cas.noodles.tools |
1 | x5.x1.mng.ohstore.xyz | 1 redirects |
6 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
cas.noodles.tools | R3 | 2024-02-07 - 2024-05-07 | 3 months |
cn-hangzhou.oss.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-02-19 - 2025-03-22 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
cdn.bootcdn.net | E1 | 2024-04-12 - 2024-07-11 | 3 months |
This page contains 1 frames:
Primary Page:
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
Frame ID: 5DCB9EFBA8CCD801901F5BD1D132834E
Requests: 6 HTTP requests in this frame
Page Title
MFA-CAS
Page URL History
-
https://x5.x1.mng.ohstore.xyz/
HTTP 302
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F Page URL
Detected technologies
Ant Design (JavaScript Frameworks)
Detected patterns
- <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
Axios (JavaScript libraries)
Detected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
FingerprintJS (JavaScript libraries)
Detected patterns
- fingerprint(\d)?(?:\.min)?\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://x5.x1.mng.ohstore.xyz/
HTTP 302
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | mfa.html (Primary Request, Redirect Chain) | cas.noodles.tools/ | 10 KB | 3 KB | Document | text/html |
GET H/1.1 | default.png | handwork-dev.oss-cn-hangzhou.aliyuncs.com/ | 52 KB | 52 KB | Image | image/png |
GET H2 | fingerprint2.min.js | dm05xir8r86ek.cloudfront.net/libs/ | 30 KB | 11 KB | Script | application/javascript |
GET H2 | axios.min.js | cdn.bootcdn.net/ajax/libs/axios/1.3.6/ | 31 KB | 13 KB | Script | text/javascript |
GET H2 | bg.jpeg | dm05xir8r86ek.cloudfront.net/admin/ | 292 KB | 293 KB | Image | image/jpeg |
GET H2 | favicon.ico | cas.noodles.tools/ | 555 B | 441 B | Other | text/html |
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | coverSupport
- function | Fingerprint2
- function | axios
- function | getQueryParam
- function | getQrCode
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.