urlscan.io logo urlscan.io
SecurityTrails logo

45.125.0.6 Open in urlscan Pro
45.125.0.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://45.125.0.6/
Effective URL: https://45.125.0.6/
Submission: On September 29 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 45.125.0.6, located in Hong Kong and belongs to XTOM xTom, HK. The main domain is 45.125.0.6.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on August 1st 2023. Valid for: 3 months.
This is the only time 45.125.0.6 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 45.125.0.6 9312 (XTOM xTom)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 4
Apex Domain
Subdomains		 Transfer
3 loli.net
fonts.loli.net — Cisco Umbrella Rank: 490655
gstatic.loli.net
72 KB
2 xtom.com
stat.xtom.com
2 KB
6 2
Domain Requested by
2 gstatic.loli.net fonts.loli.net
2 stat.xtom.com 45.125.0.6
stat.xtom.com
1 fonts.loli.net 45.125.0.6
6 3

This site contains links to these domains. Also see Links.

Domain
lug.ustc.edu.cn
github.com
Subject Issuer Validity Valid
xtom.com.hk
ZeroSSL ECC Domain Secure Site CA		 2023-08-01 -
2023-10-30		 3 months crt.sh
loli.net
Cloudflare Inc ECC CA-3		 2023-04-05 -
2024-04-04		 a year crt.sh
xtom.com
Cloudflare Inc ECC CA-3		 2023-05-05 -
2024-05-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://45.125.0.6/
Frame ID: A671492150762C6F796781A2E594E641
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

xTom Open Source Software Mirror

Page URL History Show full URLs

  1. http://45.125.0.6/ HTTP 301
    https://45.125.0.6/ Page URL

Page Statistics

6
Requests

83 %
HTTPS

75 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

80 kB
Transfer

108 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://45.125.0.6/ HTTP 301
    https://45.125.0.6/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
45.125.0.6/
Redirect Chain
  • http://45.125.0.6/
  • https://45.125.0.6/
31 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://45.125.0.6/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.125.0.6 , Hong Kong, ASN9312 (XTOM xTom, HK),
Reverse DNS
mirror.xtom.com.hk
Software
nginx /
Resource Hash
8e7a5fcb975a82c2f47ec538f424c7f5d8a4723093b97fe2ebebb21d31e1eea8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Fri, 29 Sep 2023 09:16:17 GMT
etag
W/"6516427b-7ae5"
last-modified
Fri, 29 Sep 2023 03:20:27 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-custom-job
If you see this header, please contact hello@xtom.com for a job
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Fri, 29 Sep 2023 09:16:16 GMT
Location
https://45.125.0.6/
Server
nginx
css
fonts.loli.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.loli.net/css?family=Clicker+Script%7COpen+Sans:400,300
Requested by
Host: 45.125.0.6
URL: https://45.125.0.6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da77852a8b9599725170497a4fcb273c0d9898c28c8fff177ef9052ee4b3489d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://45.125.0.6/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:16:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwOl7T%2FYgkGuInBBbtMNC5D5ni7OJJqME5DWuc6fLEHW9nNg6RoPFA18a6TMqxyCqz55pftHEcziXHdB2dunrT%2Bqk9fbgaXu406f9sA6qYwHoMkLvW3cb%2BPrBDP7YAOwi4Mg9p%2Bx65Ht4n7B"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
timing-allow-origin
*
cf-ray
80e32063ca09048f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.js
stat.xtom.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.xtom.com/js/script.js
Requested by
Host: 45.125.0.6
URL: https://45.125.0.6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4ab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://45.125.0.6/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:16:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2107
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 28 Sep 2023 21:28:52 GMT
server
cloudflare
vary
Accept-Encoding
onion-location
http://statstjuguphht2qp6zsued43unrhsooa6kp2c3zibdw3xpnidxiprid.onion/js/script.js
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq66e4H4v%2BoKVhLPLRSl3vOXn%2BOZ5tCtweM8oqkgEYchV6HIRWWMa%2FjlT1VDc3Mlx9cvJQwnGqPGyouQq2En6MJAoNA5VLCrkoKQHuBDANkqUmt9wLtXdfya9OE%2FB%2FmCjZGZ2fXdnzxbIqU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400, must-revalidate
cf-ray
80e320642f45bbaf-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
gstatic.loli.net/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gstatic.loli.net/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.loli.net
URL: https://fonts.loli.net/css?family=Clicker+Script%7COpen+Sans:400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fonts.loli.net/
Origin
https://45.125.0.6
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:16:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
48432
x-xss-protection
1; mode=block
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80e320658a56039a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
raxkHiKPvt8CMH6ZWP8PdlEq71rf0Ts.woff2
gstatic.loli.net/s/clickerscript/v13/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gstatic.loli.net/s/clickerscript/v13/raxkHiKPvt8CMH6ZWP8PdlEq71rf0Ts.woff2
Requested by
Host: fonts.loli.net
URL: https://fonts.loli.net/css?family=Clicker+Script%7COpen+Sans:400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac5fec123183904e0207319d30845f69a560d4d7f4bb0f20d6262c9300414c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fonts.loli.net/
Origin
https://45.125.0.6
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:16:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23004
x-xss-protection
1; mode=block
last-modified
Thu, 21 Apr 2022 16:30:40 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80e320658a59039a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
event
stat.xtom.com/api/ 		2 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.xtom.com/api/event
Requested by
Host: stat.xtom.com
URL: https://stat.xtom.com/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4ab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://45.125.0.6/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Sep 2023 09:16:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
F4lT5RbOISAe8dAINuVB
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HhfBld%2B8niXy3xDp%2FTnZSJaHGNcpmtl%2BulmcCh6OTAypF2%2FYweFnMpyBvwMpZUDu1KhjBU1mZOBBbVHVBXH3G%2FiK12Z7NvjqKqoFxJ2Q10gKrlDnSU7p2tmk3MMuiSEmr4%2BiBYUzB9hN4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
80e32064bd193821-FRA

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| isoinfo function| update_isodistro_options function| modal function| switchdistro function| downloadiso function| plausible

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block