urlscan.io logo urlscan.io
SecurityTrails logo

cas.noodles.tools Open in urlscan Pro
34.142.161.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://x5.x1.mng.ohstore.xyz/
Effective URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
Submission: On April 17 via api from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 6 HTTP transactions. The main IP is 34.142.161.3, located in Singapore, Singapore and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is cas.noodles.tools.
TLS certificate: Issued by R3 on February 7th 2024. Valid for: 3 months.
This is the only time cas.noodles.tools was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 47.236.131.235 45102 (ALIBABA-C...)
2 34.142.161.3 396982 (GOOGLE-CL...)
1 118.31.219.201 37963 (ALIBABA-C...)
2 13.225.0.128 16509 (AMAZON-02)
1 104.18.54.56 13335 (CLOUDFLAR...)
6 4
1    47.236.131.235 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
x5.x1.mng.ohstore.xyz
2    34.142.161.3 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.161.142.34.bc.googleusercontent.com
cas.noodles.tools
1    118.31.219.201 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
handwork-dev.oss-cn-hangzhou.aliyuncs.com
2    13.225.0.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-0-128.sin52.r.cloudfront.net
dm05xir8r86ek.cloudfront.net
1    104.18.54.56 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.bootcdn.net
Domain Requested by
2 dm05xir8r86ek.cloudfront.net cas.noodles.tools
2 cas.noodles.tools
1 cdn.bootcdn.net cas.noodles.tools
1 handwork-dev.oss-cn-hangzhou.aliyuncs.com cas.noodles.tools
1 x5.x1.mng.ohstore.xyz 1 redirects
6 5

This site contains no links.

Subject Issuer Validity Valid
cas.noodles.tools
R3		 2024-02-07 -
2024-05-07		 3 months crt.sh
cn-hangzhou.oss.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G3		 2024-02-19 -
2025-03-22		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
cdn.bootcdn.net
E1		 2024-04-12 -
2024-07-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
Frame ID: 5DCB9EFBA8CCD801901F5BD1D132834E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MFA-CAS

Page URL History Show full URLs

  1. https://x5.x1.mng.ohstore.xyz/ HTTP 302
    https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

373 kB
Transfer

415 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://x5.x1.mng.ohstore.xyz/ HTTP 302
    https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mfa.html
cas.noodles.tools/
Redirect Chain
  • https://x5.x1.mng.ohstore.xyz/
  • https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.142.161.3 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.161.142.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2499b46b5d8e40c4f712826dbb961f1942d0ec0e555858eeb4e58f034b60ab4b

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type
content-encoding
gzip
content-language
zh-SG
content-type
text/html;charset=UTF-8
date
Wed, 17 Apr 2024 12:36:26 GMT
server
nginx/1.20.1
vary
Accept-Encoding

Redirect headers

content-length
142
content-type
text/html
date
Wed, 17 Apr 2024 12:36:25 GMT
location
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
server
openresty
default.png
handwork-dev.oss-cn-hangzhou.aliyuncs.com/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://handwork-dev.oss-cn-hangzhou.aliyuncs.com/default.png
Requested by
Host: cas.noodles.tools
URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.31.219.201 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
0ab4f0ce28c20e2f7bc319bcf6be816ff345422d82ea51001ec666833a921f25

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cas.noodles.tools/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 12:36:28 GMT
x-oss-request-id
661FC24C6FB42B363113180F
Content-MD5
fWnTBrcjgdlqeV2f/DpDKQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
52873
x-oss-object-type
Normal
Last-Modified
Thu, 10 Aug 2023 08:20:36 GMT
Server
AliyunOSS
x-oss-server-side-encryption
AES256
ETag
"7D69D306B72381D96A795D9FFC3A4329"
Content-Type
image/png
x-oss-ec
0048-00000105
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
2995373396559353526
x-oss-server-time
56
fingerprint2.min.js
dm05xir8r86ek.cloudfront.net/libs/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dm05xir8r86ek.cloudfront.net/libs/fingerprint2.min.js
Requested by
Host: cas.noodles.tools
URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.0.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-0-128.sin52.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
b0efe3481b4a288a839d2593e51113b8e402c4ada44b812d7527efb077dbd4d4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cas.noodles.tools/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:11:20 GMT
content-encoding
gzip
via
1.1 08a12acbdd73ab65ad077921a50970da.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 13:53:30 GMT
server
nginx/1.22.1
x-amz-cf-pop
SIN52-C2
age
19506
etag
W/"64d39a5a-781f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
IWmjRx5FXiTDBW-yzJZwDr0yr61Z2b5uzKMbS6yKMGOcNNOd64q_2A==
axios.min.js
cdn.bootcdn.net/ajax/libs/axios/1.3.6/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/axios/1.3.6/axios.min.js
Requested by
Host: cas.noodles.tools
URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.54.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a56cdba3c6159a73d7166a2389089a87230db84d71fa55fa89ec8699c66266

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cas.noodles.tools/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 12:36:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2024 07:12:53 GMT
server
cloudflare
age
105814
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
875c75f4e80b9e2e-SIN
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
Wed, 17 Apr 2024 16:36:27 GMT
bg.jpeg
dm05xir8r86ek.cloudfront.net/admin/ 		292 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm05xir8r86ek.cloudfront.net/admin/bg.jpeg
Requested by
Host: cas.noodles.tools
URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.0.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-0-128.sin52.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
6a4070444d2c3e363197c66aebfd3d8edd4c387d8bdd1f779e3e9d7a75d8b933

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cas.noodles.tools/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 04:14:56 GMT
via
1.1 08a12acbdd73ab65ad077921a50970da.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jul 2023 14:15:37 GMT
server
nginx/1.22.1
x-amz-cf-pop
SIN52-C2
age
30090
etag
"64ad6409-4901c"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
299036
x-amz-cf-id
dzCTCUOZCRnGRDWytxJZ45cPdHmU37xNulOu9wSEeNCrtn3Wf4Hngw==
favicon.ico
cas.noodles.tools/ 		555 B
441 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cas.noodles.tools/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.142.161.3 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.161.142.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 12:36:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-encoding
gzip
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/html; charset=utf-8
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| coverSupport function| Fingerprint2 function| axios function| getQueryParam function| getQrCode

0 Cookies

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fx5.x1.mng.ohstore.xyz%2F
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://cas.noodles.tools/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()