45.134.225.36

As of: Apr 21, 2025 5:08pm UTC | Latest

Basic Information

Routing
45.134.225.0/24  via COLOCATIONX-DATACENTER Dedicated Server Provider, GB (AS208046)
OS
linux
Services (19)
80/HTTP, 443/UNKNOWN, 444/UNKNOWN, 8443/UNKNOWN, 8444/UNKNOWN, 9035/HTTP, 9036/HTTP, 9037/HTTP, 9038/HTTP, 9039/HTTP, 9040/HTTP, 9041/HTTP, 9042/HTTP, 9100/HTTP, 9167/HTTP, 10444/UNKNOWN, 11444/UNKNOWN, 12444/UNKNOWN, 13444/UNKNOWN

HTTP 80/TCP
04/21/2025 09:24 UTC


Software

nginx 1.24.0

Details

http://45.134.225.36/
Status
200  OK
Body Hash
sha1:e40606373151d67324d2904ad971fff800fcfcb6
HTML Title
This is a Tor Exit Router
Response Body
      # This is a Tor Exit Router

You are most likely accessing this website because you've had some issue with
the traffic coming from this IP. This router is part of the [Tor Anonymity
Network](https://www.torproject.org/), which is dedicated to [providing
privacy](https://2019.www.torproject.org/about/overview) to people who need it
most: average computer users. This router IP should be generating no other
traffic, unless it has been compromised.

Tor works by running user traffic through a random chain of encrypted servers,
and then letting the traffic exit the Tor network through an exit node like
this one. This design makes it very hard for a service to know which user is
connecting to it, since it can only see the IP-address of the Tor exit node:

Illustration showing how a user might connect to a service through the Tor
network. The user first sends their data through three daisy-chained encrypted
Tor servers that exist on three different continents. Then the last Tor server
in the chain connects to the target service over the normal internet. The user
This server Your service Tor encrypted link Unencrypted link

[Read more about how Tor
works.](https://2019.www.torproject.org/about/overview)

Tor sees use by [many important segments of the
population](https://2019.www.torproject.org/about/torusers), including whistle
blowers, journalists, Chinese dissidents skirting the Great Firewall and
oppressive censorship, abuse victims, stalker targets, the US military, and
law enforcement, just to name a few. While Tor is not designed for malicious
computer users, it is true that they can use the network for malicious ends.
In reality however, the actual amount of
[abuse](https://support.torproject.org/abuse/) is quite low. This is largely
because criminals and hackers have significantly better access to privacy and
anonymity than do the regular users whom they prey upon. Criminals can and do
[build, sell, and
trade](https://web.archive.org/web/20200131013910/http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_tools.html)
far larger and [more powerful
networks](https://web.archive.org/web/20200131013908/http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_distributing_your.html)
than Tor on a daily basis. Thus, in the mind of this operator, the social need
for easily accessible censorship-resistant private, anonymous communication
trumps the risk of unskilled bad actors, who are almost always more easily
uncovered by traditional police work than by extensive monitoring and
surveillance anyway.

In terms of applicable law, the best way to understand Tor is to consider it a
network of routers operating as common carriers, much like the Internet
backbone. However, unlike the Internet backbone routers, Tor routers
explicitly do not contain identifiable routing information about the source of
a packet, and no single Tor node can determine both the origin and destination
of a given transmission.

As such, there is little the operator of this router can do to help you track
the connection further. This router maintains no logs of any of the Tor
traffic, so there is little that can be done to trace either legitimate or
illegitimate traffic (or to filter one from the other). Attempts to seize this
router will accomplish nothing.

If you are a representative of a company who feels that this router is being
used to violate the DMCA, please be aware that this machine does not host or
contain any illegal content. Also be aware that network infrastructure
maintainers are not liable for the type of content that passes over their
equipment, in accordance with [DMCA "safe harbor"
provisions](https://www.law.cornell.edu/uscode/text/17/512). In other words,
you will have just as much luck sending a takedown notice to the Internet
backbone providers.

For more information, please consult the following documentation:

[Tor Overview](https://2019.www.torproject.org/about/overview) [Tor Abuse
FAQ](https://support.torproject.org/abuse/) [Tor Legal
FAQ](https://community.torproject.org/relay/community-resources/eff-tor-legal-
faq/)

That being said, if you still have a complaint about the router, you may email
the [maintainer](mailto:[email protected]). If complaints are related to a
particular service that is being abused, I will consider removing that service
from my exit policy, which would prevent my router from allowing that traffic
to exit through it. I can only do this on an IP+destination port basis,
however. Common P2P ports are already blocked.

You also have the option of blocking this IP address and others on the Tor
network if you so desire. The Tor project provides a [web
service](https://check.torproject.org/torbulkexitlist) to fetch a list of all
IP addresses of Tor exit nodes that allow exiting to a specified IP:port
combination, and an official [DNSRBL](https://dist.torproject.org/tordnsel/)
is also available to determine if a given IP address is actually a Tor exit
server. Please be considerate when using these options. It would be
unfortunate to deny all Tor users access to your site indefinitely simply
because of a few bad apples.
    

UNKNOWN 443/TCP
04/20/2025 05:21 UTC


Software

linux

Details

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
7ddc23ed0f839770f31fb10198d1c1595815993d55fd2a684a5b1ac21dd8d3f8
Subject
CN=www.4pseguxch5v52x2.net
Issuer
CN=www.a6dtwtiuo3hxk6efu3.com
Names
www.4pseguxch5v52x2.net
Fingerprint
JARM
2ad2ad16d2ad2ad00042d42d000000332dc9cd7d90589195193c8bb05d84fa
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t130200_1302_a56c5b993250

UNKNOWN 444/TCP
04/21/2025 12:10 UTC


Details

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
fd8ffc3840265a5b6dd4a92ecfbc384064d18715cbe49618bf8371bbceada850
Subject
CN=www.xxx5nv3n.net
Issuer
CN=www.dusrzs4rsqqumk.com
Names
www.xxx5nv3n.net
Fingerprint
JARM
2ad2ad16d2ad2ad00042d42d000000332dc9cd7d90589195193c8bb05d84fa
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t130200_1302_a56c5b993250

UNKNOWN 8443/TCP
04/20/2025 18:51 UTC


Software

linux

Details

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
81b0caa49b109e5240d565c2dc4ff36f699abfb68cde2accf18ed2288f77d29c
Subject
CN=www.3uyexviht3z6l.net
Issuer
CN=www.ykhgk7ib6.com
Names
www.3uyexviht3z6l.net
Fingerprint
JARM
2ad2ad16d2ad2ad00042d42d000000332dc9cd7d90589195193c8bb05d84fa
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t130200_1302_a56c5b993250

UNKNOWN 8444/TCP
04/20/2025 09:05 UTC


Details

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
74de7123ea5432d75e956c3f25896b12f09d478ebddf245aeddb32ceadbdb09a
Subject
CN=www.fq634wzrqp7bygx.net
Issuer
CN=www.hmzpqojqt72lu2d.com
Names
www.fq634wzrqp7bygx.net
Fingerprint
JARM
2ad2ad16d2ad2ad00042d42d000000332dc9cd7d90589195193c8bb05d84fa
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t130200_1302_a56c5b993250

HTTP 9035/TCP
04/20/2025 13:24 UTC


Software

nginx 1.24.0

Details

http://45.134.225.36:9035/
Status
401  Unauthorized
Body Hash
sha1:c4958d77720d1cca03ea851eb0e89a7a6196860d
HTML Title
401 Authorization Required
Response Body
      # 401 Authorization Required

* * *

nginx/1.24.0 (Ubuntu)
    

HTTP 9036/TCP
04/21/2025 12:05 UTC


Software

nginx 1.24.0

Details

http://45.134.225.36:9036/
Status
401  Unauthorized
Body Hash
sha1:c4958d77720d1cca03ea851eb0e89a7a6196860d
HTML Title
401 Authorization Required
Response Body
      # 401 Authorization Required

* * *

nginx/1.24.0 (Ubuntu)
    

HTTP 9037/TCP
04/21/2025 12:04 UTC


Software

nginx 1.24.0

Details

http://45.134.225.36:9037/
Status
401  Unauthorized
Body Hash
sha1:c4958d77720d1cca03ea851eb0e89a7a6196860d
HTML Title
401 Authorization Required
Response Body
      # 401 Authorization Required

* * *

nginx/1.24.0 (Ubuntu)
    

HTTP 9038/TCP
04/21/2025 11:44 UTC


Software

nginx 1.24.0

Details

http://45.134.225.36:9038/
Status
401  Unauthorized
Body Hash
sha1:c4958d77720d1cca03ea851eb0e89a7a6196860d
HTML Title
401 Authorization Required
Response Body
      # 401 Authorization Required

* * *

nginx/1.24.0 (Ubuntu)
    

HTTP 9039/TCP
04/21/2025 12:22 UTC


Software

nginx 1.24.0

Details

http://45.134.225.36:9039/
Status
401  Unauthorized
Body Hash
sha1:c4958d77720d1cca03ea851eb0e89a7a6196860d
HTML Title
401 Authorization Required
Response Body
      # 401 Authorization Required

* * *

nginx/1.24.0 (Ubuntu)
    

HTTP 9040/TCP
04/20/2025 09:05 UTC


Software

nginx 1.24.0

Details

http://45.134.225.36:9040/
Status
401  Unauthorized
Body Hash
sha1:c4958d77720d1cca03ea851eb0e89a7a6196860d
HTML Title
401 Authorization Required
Response Body
      # 401 Authorization Required

* * *

nginx/1.24.0 (Ubuntu)
    

HTTP 9041/TCP
04/21/2025 12:19 UTC


Software

nginx 1.24.0

Details

http://45.134.225.36:9041/
Status
401  Unauthorized
Body Hash
sha1:c4958d77720d1cca03ea851eb0e89a7a6196860d
HTML Title
401 Authorization Required
Response Body
      # 401 Authorization Required

* * *

nginx/1.24.0 (Ubuntu)
    

HTTP 9042/TCP
04/21/2025 17:08 UTC


Software

nginx 1.24.0

Details

http://45.134.225.36:9042/
Status
401  Unauthorized
Body Hash
sha1:c4958d77720d1cca03ea851eb0e89a7a6196860d
HTML Title
401 Authorization Required
Response Body
      # 401 Authorization Required

* * *

nginx/1.24.0 (Ubuntu)
    

HTTP 9100/TCP
04/21/2025 12:06 UTC


Software

nginx 1.24.0

Details

http://45.134.225.36:9100/
Status
401  Unauthorized
Body Hash
sha1:c4958d77720d1cca03ea851eb0e89a7a6196860d
HTML Title
401 Authorization Required
Response Body
      # 401 Authorization Required

* * *

nginx/1.24.0 (Ubuntu)
    

HTTP 9167/TCP
04/21/2025 11:56 UTC


Software

nginx 1.24.0

Details

http://45.134.225.36:9167/
Status
401  Unauthorized
Body Hash
sha1:c4958d77720d1cca03ea851eb0e89a7a6196860d
HTML Title
401 Authorization Required
Response Body
      # 401 Authorization Required

* * *

nginx/1.24.0 (Ubuntu)
    

UNKNOWN 10444/TCP
04/21/2025 03:02 UTC


Details

UNKNOWN 11444/TCP
04/20/2025 13:09 UTC


Details

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
910a44b7a06b82c1a980c4e6a30a340b3bee366f6a2b5f84d40e5584a4f02607
Subject
CN=www.ejbiadkjuliame.net
Issuer
CN=www.m3ku4k5e6gfxa64leav.com
Names
www.ejbiadkjuliame.net
Fingerprint
JARM
2ad2ad16d2ad2ad00042d42d000000332dc9cd7d90589195193c8bb05d84fa
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t130200_1302_a56c5b993250

UNKNOWN 12444/TCP
04/21/2025 12:17 UTC


Details

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
9159ed24b77f5c038e37f2cf2616372f197bd96d74736dbafbd77df5cdbde0af
Subject
CN=www.a4ghngdnezeed.net
Issuer
CN=www.ooio6wdj2oz.com
Names
www.a4ghngdnezeed.net
Fingerprint
JARM
2ad2ad16d2ad2ad00042d42d000000332dc9cd7d90589195193c8bb05d84fa
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t130200_1302_a56c5b993250

UNKNOWN 13444/TCP
04/21/2025 12:02 UTC


Details

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
f033237008e53200f90425d6269fc32826ed8c01cc567403723968dc88c67c74
Subject
CN=www.oipl6qhuisdyvhuecmj.net
Issuer
CN=www.hk7zivm7fwwkkglat.com
Names
www.oipl6qhuisdyvhuecmj.net
Fingerprint
JARM
2ad2ad16d2ad2ad00042d42d000000332dc9cd7d90589195193c8bb05d84fa
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t130200_1302_a56c5b993250

Geographic Location

City
Maastricht
Province
Limburg
Country
Netherlands (NL)
Coordinates
50.84833, 5.68889
Timezone
Europe/Amsterdam