![](/screenshots/ca80f736-3dfa-4f70-b460-de31c77facd2.png)
cas.noodles.tools
34.142.161.3
Public Scan
Effective URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F
Submission: On October 25 via api from NL — Scanned from SG
Summary
TLS certificate: Issued by R3 on October 25th 2023. Valid for: 3 months.
This is the only time cas.noodles.tools was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
2 3 | 34.142.161.3 | 396982 (GOOGLE-CLOUD-PLATFORM)
2 | 18.155.70.208 | 16509 (AMAZON-02)
1 | 118.212.235.109 | 4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
5 | 4 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.161.142.34.bc.googleusercontent.com
- guarder.door2door.me
- cas.noodles.tools

ASN16509 (AMAZON-02, US)
PTR: server-18-155-70-208.sin52.r.cloudfront.net
- dm05xir8r86ek.cloudfront.net

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
PTR: 109.235.212.118.adsl-pool.jx.chinaunicom.com
- cdn.bootcdn.net
 | Apex Domain | Subdomains | Transfer
---|---|---|---
2 | cloudfront.net | dm05xir8r86ek.cloudfront.net | 304 KB
2 | door2door.me (2 redirects) | guarder.door2door.me | 467 B
1 | bootcdn.net | cdn.bootcdn.net (Cisco Umbrella Rank: 135454) | 13 KB
1 | noodles.tools | cas.noodles.tools | 3 KB
0 | aliyuncs.com (Failed) | handwork-dev.oss-cn-hangzhou.aliyuncs.com (Failed) |
5 | 5 |
 | Domain | Requested by
---|---|---
2 | dm05xir8r86ek.cloudfront.net | cas.noodles.tools
2 | guarder.door2door.me (2 redirects) |
1 | cdn.bootcdn.net | cas.noodles.tools
1 | cas.noodles.tools |
0 | handwork-dev.oss-cn-hangzhou.aliyuncs.com (Failed) | cas.noodles.tools
5 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
cas.noodles.tools | R3 | 2023-10-25 - 2024-01-23 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.bootcdn.net | Sectigo RSA Domain Validation Secure Server CA | 2023-08-17 - 2024-08-17 | a year
This page contains 1 frames:
Primary Page:
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F
Frame ID: 457416C16D17E0438F9ED7DC546B40D2
Requests: 5 HTTP requests in this frame
Page Title
MFA-CAS
Page URL History
- http://guarder.door2door.me/ HTTP 301
- https://guarder.door2door.me/ HTTP 302
- https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F Page URL
Detected technologies
Detected patterns
- <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
Detected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Detected patterns
- fingerprint(\d)?(?:\.min)?\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | mfa.html (Primary Request, Redirect Chain) | cas.noodles.tools/ | 10 KB | 3 KB | Document | text/html
GET | | default.png | handwork-dev.oss-cn-hangzhou.aliyuncs.com/ | 0 | 0 | |
GET | H2 | fingerprint2.min.js | dm05xir8r86ek.cloudfront.net/libs/ | 30 KB | 11 KB | Script | application/javascript
GET | H2 | axios.min.js | cdn.bootcdn.net/ajax/libs/axios/1.3.6/ | 31 KB | 13 KB | Script | text/javascript
GET | H2 | bg.jpeg | dm05xir8r86ek.cloudfront.net/admin/ | 292 KB | 293 KB | Image | image/jpeg
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- handwork-dev.oss-cn-hangzhou.aliyuncs.com
- URL
- https://handwork-dev.oss-cn-hangzhou.aliyuncs.com/default.png
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- coverSupport (boolean)
- Fingerprint2 (function)
- axios (function)
- getQueryParam (function)
- getQrCode (function)

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.