ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 1 result(s) out of 1 in 0.030 second(s)

  • 118.195.137.196:30443 (tcp/http/tls) - last seen on 2024-11-06 at 07:13:56 UTC

    • IP
      118.195.137.196
      Network
      118.195.128.0/17
      Domain(s)
      ingress.local
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      https://118.195.137.196:30443/ 302

      ASN
      AS45090
      Organization
      Shenzhen Tencent Computer Systems Company Limited
      Protocol
      http Cert expired http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
    • Issuer Common Name
      Kubernetes Ingress Controller Fake Certificate
      Issuer Organization
      Acme Co
      Subject Organization
      Acme Co
      Subject Common Name
      Kubernetes Ingress Controller Fake Certificate
      Subject Alt Name
      ingress.local
      SHA256 Fingerprint
      97a420760fe80ee4424024897889ce8bd1e171f0d67ab8df64e7a73bd6bb298d
      Validity Not Before
      2023-09-04T17:44:11Z
      Validity Not After
      2024-09-03T17:44:11Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      9bf30110c0299ac29a3754f1fa004951
      HTTP Header MD5
      0a4480ebd57106b9bf380a230aeab6c3
      HTTP Body MD5
      35fe701b0ea3d645da2da66ed82fa533 
    • HTTP/1.1 302 Found
Date: Wed, 06 Nov 2024 07:13:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 47
Connection: close
Location: /org/cma
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' https://naic.pcl.ac.cn https://shence.heywhale.com https://gudc.icee-edu.com
x-csp-nonce: aPo2CSp3-W-14uaZ
x-download-options: noopen
x-readtime: 3
x-heywhale-traceid: 
Strict-Transport-Security: max-age=15724800; includeSubDomains

Redirecting to <a href="/org/cma">/org/cma</a>.
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T07:13:56.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "heywhale.com",
            "icee-edu.com",
            "pcl.ac.cn"
         ],
         "hostname" : [
            "gudc.icee-edu.com",
            "naic.pcl.ac.cn",
            "shence.heywhale.com"
         ],
         "url" : [
            "https://gudc.icee-edu.com",
            "https://naic.pcl.ac.cn",
            "https://shence.heywhale.com"
         ]
      },
      "http" : {
         "bodymd5" : "35fe701b0ea3d645da2da66ed82fa533",
         "bodymmh3" : -1362597160,
         "headermd5" : "0a4480ebd57106b9bf380a230aeab6c3",
         "headermmh3" : -1134392781
      },
      "length" : 553
   },
   "asn" : "AS45090",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "CN",
   "data" : "HTTP/1.1 302 Found\r\nDate: Wed, 06 Nov 2024 07:13:55 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 47\r\nConnection: close\r\nLocation: /org/cma\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncontent-security-policy: frame-ancestors 'self' https://naic.pcl.ac.cn https://shence.heywhale.com https://gudc.icee-edu.com\r\nx-csp-nonce: aPo2CSp3-W-14uaZ\r\nx-download-options: noopen\r\nx-readtime: 3\r\nx-heywhale-traceid: \r\nStrict-Transport-Security: max-age=15724800; includeSubDomains\r\n\r\nRedirecting to <a href=\"/org/cma\">/org/cma</a>.",
   "datamd5" : "9bf30110c0299ac29a3754f1fa004951",
   "datammh3" : -1927070508,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ingress.local"
   ],
   "extkeyusage" : [
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "c5252a22625d5153800dc09911ec2c91",
      "sha1" : "1414613d093a5fd1226c829bd43bf1307827a331",
      "sha256" : "97a420760fe80ee4424024897889ce8bd1e171f0d67ab8df64e7a73bd6bb298d"
   },
   "geolocus" : {
      "asn" : "AS45090",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "qq.com",
         "szgwbn.net.cn",
         "tencent.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "SeeHuNET",
      "organization" : "Tencent Cloud Computing (Beijing) Co., Ltd",
      "subnet" : "118.195.128.0/17"
   },
   "hostname" : [
      "ingress.local"
   ],
   "ip" : "118.195.137.196",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Kubernetes Ingress Controller Fake Certificate",
      "organization" : "Acme Co"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Shenzhen Tencent Computer Systems Company Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 30443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Found",
   "seen_date" : "2024-11-06",
   "serial" : "34:d8:0f:ab:e3:67:55:c8:51:58:97:18:fc:cf:9e:be",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 302,
   "subject" : {
      "altname" : [
         "ingress.local"
      ],
      "commonname" : "Kubernetes Ingress Controller Fake Certificate",
      "organization" : "Acme Co"
   },
   "subnet" : "118.195.128.0/17",
   "tld" : [
      "local"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2024-09-03T17:44:11Z",
      "notbefore" : "2023-09-04T17:44:11Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}