urlscan.io logo urlscan.io
SecurityTrails logo

cas.noodles.tools Open in urlscan Pro
34.142.161.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://guarder.door2door.me/
Effective URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F
Submission: On October 25 via api from NL — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 5 HTTP transactions. The main IP is 34.142.161.3, located in Singapore and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is cas.noodles.tools.
TLS certificate: Issued by R3 on October 25th 2023. Valid for: 3 months.
This is the only time cas.noodles.tools was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 34.142.161.3 396982 (GOOGLE-CL...)
2 18.155.70.208 16509 (AMAZON-02)
1 118.212.235.109 4837 (CHINA169-...)
5 4
Apex Domain
Subdomains		 Transfer
2 cloudfront.net
dm05xir8r86ek.cloudfront.net
304 KB
2 door2door.me
guarder.door2door.me
467 B
1 bootcdn.net
cdn.bootcdn.net — Cisco Umbrella Rank: 135454
13 KB
1 noodles.tools
cas.noodles.tools
3 KB
0 aliyuncs.com Failed
handwork-dev.oss-cn-hangzhou.aliyuncs.com Failed
5 5
Domain Requested by
2 dm05xir8r86ek.cloudfront.net cas.noodles.tools
2 guarder.door2door.me 2 redirects
1 cdn.bootcdn.net cas.noodles.tools
1 cas.noodles.tools
0 handwork-dev.oss-cn-hangzhou.aliyuncs.com Failed cas.noodles.tools
5 5

This site contains no links.

Subject Issuer Validity Valid
cas.noodles.tools
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.bootcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-17 -
2024-08-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F
Frame ID: 457416C16D17E0438F9ED7DC546B40D2
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MFA-CAS

Page URL History Show full URLs

  1. http://guarder.door2door.me/ HTTP 301
    https://guarder.door2door.me/ HTTP 302
    https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

320 kB
Transfer

363 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://guarder.door2door.me/ HTTP 301
    https://guarder.door2door.me/ HTTP 302
    https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mfa.html
cas.noodles.tools/
Redirect Chain
  • http://guarder.door2door.me/
  • https://guarder.door2door.me/
  • https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.142.161.3 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.161.142.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2499b46b5d8e40c4f712826dbb961f1942d0ec0e555858eeb4e58f034b60ab4b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type
content-encoding
gzip
content-language
zh-SG
content-type
text/html;charset=UTF-8
date
Wed, 25 Oct 2023 06:35:01 GMT
server
nginx/1.20.1
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 06:35:01 GMT
location
https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F
permissions-policy
interest-cohort=()
referrer-policy
no-referrer-when-downgrade
server
nginx/1.20.1
x-content-type-options
nosniff
x-powered-by
PHP/8.2.8
x-xss-protection
1; mode=block
default.png
handwork-dev.oss-cn-hangzhou.aliyuncs.com/ 		0
0
fingerprint2.min.js
dm05xir8r86ek.cloudfront.net/libs/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dm05xir8r86ek.cloudfront.net/libs/fingerprint2.min.js
Requested by
Host: cas.noodles.tools
URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.70.208 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-70-208.sin52.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
b0efe3481b4a288a839d2593e51113b8e402c4ada44b812d7527efb077dbd4d4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cas.noodles.tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 06:14:10 GMT
content-encoding
gzip
via
1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 13:53:30 GMT
server
nginx/1.22.1
x-amz-cf-pop
SIN52-P1
age
12635
etag
W/"64d39a5a-781f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
OePC5l-VtcukHWkuYK7N-Vf6dxbOVqfu_jotIVo76XrS0Xhmq_kJOw==
axios.min.js
cdn.bootcdn.net/ajax/libs/axios/1.3.6/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/axios/1.3.6/axios.min.js
Requested by
Host: cas.noodles.tools
URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.212.235.109 Jiujiang, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
109.235.212.118.adsl-pool.jx.chinaunicom.com
Software
nginx / PHP/7.4.19
Resource Hash
02a56cdba3c6159a73d7166a2389089a87230db84d71fa55fa89ec8699c66266
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cas.noodles.tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 06:36:41 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
strict-transport-security
max-age=63072000;
age
0
x-powered-by
PHP/7.4.19
server
nginx
vary
Accept-Encoding
access-control-max-age
1800
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cache-control
max-age=31536000
access-control-allow-credentials
true
x-nws-log-uuid
12922779939559718190
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
Wed, 25 Oct 2023 06:34:46 GMT
bg.jpeg
dm05xir8r86ek.cloudfront.net/admin/ 		292 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm05xir8r86ek.cloudfront.net/admin/bg.jpeg
Requested by
Host: cas.noodles.tools
URL: https://cas.noodles.tools/mfa.html?redirectUrl=https%3A%2F%2Fguarder.door2door.me%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.70.208 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-70-208.sin52.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
6a4070444d2c3e363197c66aebfd3d8edd4c387d8bdd1f779e3e9d7a75d8b933

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cas.noodles.tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 06:59:51 GMT
via
1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jul 2023 14:15:37 GMT
server
nginx/1.22.1
x-amz-cf-pop
SIN52-P1
age
84910
etag
"64ad6409-4901c"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
299036
x-amz-cf-id
9hgTCZ6iZXbRWtGpCkjcC_SDm_BwTJ6X6vqPPZqQ0RXzRMKn7gkA2w==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
handwork-dev.oss-cn-hangzhou.aliyuncs.com
URL
https://handwork-dev.oss-cn-hangzhou.aliyuncs.com/default.png

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| coverSupport function| Fingerprint2 function| axios function| getQueryParam function| getQrCode

0 Cookies