# We're scanning the internet (IPv4) for X.509 certificate chains

As part of project [catlfish](https://www.ct.nordu.net), we are
scanning the internet for X.509 certificate chains. We will put them
all into our
[Certificate Transparency](http://www.certificate-transparency.org/)
log.

If you look closely at your network and find TCP connection attempts
to port 443 from 130.229.192.10, that's us. For hosts allowing TCP to
port 443, we will try to establish a TLS session. If that succeeds we
will gather the X.509 certificate data sent to us as part of the TLS
handshake, send a "HEAD /index.html" and then disconnect.

If you have questions or comments, or if you want your netblock(s) to
be exempted from scanning, please contact linus at nordu.net (8C4C
D511 095E 982E B0EF BFA2 1E8B F349 2329 1265).