-
48 days agoReverted the previous change to redacted date fields in HTTP responses. Some values may take time to refresh and return to their previous states.Read more [here](https://status.censys.com/incidents/dsg9rb188qvq).
-
53 days agoFixed an error where redacted date fields in HTTP responses had a spurious space in the redaction notation ("<REDACTED>"). This will affect banner hashes for all impacted HTTP services.
-
60 days agoAdded detection for RLOGIN, NTRIP, PGBOUNCER. Upgraded WS_DISCOVERYNew/Updated protocols include: <br/> - [RLOGIN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRLOGIN) <br/> - [NTRIP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNTRIP) <br/> - [PGBOUNCER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DPGBOUNCER) <br/> - [WS_DISCOVERY](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWS_DISCOVERY) <br/>
-
67 days agoAdded detection for suspicious open directoriesSearch query: [`labels: suspicious-open-dir`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+suspicious-open-dir)
-
76 days agoExpanded detection of Murmur/Mumble serversNew/Updated protocols include: <br/> - [MURMUR Servers (new) ](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services%3A+%28service_name%3A+murmur+and+transport_protocol%3A+tcp%29) <br/> - [MURMUR Tunnels (existing)](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services%3A+%28service_name%3A+murmur+and+transport_protocol%3A+udp%29) <br/>
-
79 days agoAdded detection for CMORE_HMI. Upgraded RTSP + mDNS.New/Updated protocols include: <br/> - [CMORE_HMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCMORE_HMI) <br/> - [RTSP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRTSP) <br/> - [MDNS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMDNS) <br/>
-
108 days agoAdded detection for suspended servers.Search query: [`labels: suspended`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+suspended)
-
114 days agoAdded detection for ser2net, NBD, Weblogic-T3, Spice, ONVIF, and Hikvision.New protocols include: <br/> - [SER2NET](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSER2NET) <br/> - [NBD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNBD) <br/> - [WEBLOGIC_T3](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWEBLOGIC_T3) <br/> - [SPICE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSPICE) <br/> - [ONVIF](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DONVIF) <br/> - [HIKVISION](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHIKVISION) <br/>
-
122 days agoAdded detection for bulletproof hosting providers.Search query: [`labels: bulletproof`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+bulletproof) Learn more about [bulletproof hosting](https://en.wikipedia.org/wiki/Bulletproof_hosting).
-
125 days agoImproved detection for usenet-related services.Search query: [`services.labels: usenet`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A+%60usenet%60)
-
130 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [VENTRILO](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DVENTRILO) <br/>
-
132 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [CHROMECAST](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCHROMECAST) <br/>
-
136 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [HID_VERTX](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHID_VERTX) <br/>
-
137 days agoUpgraded support for 1 new L7 protocolUpgraded protocols include: <br/> - [PORTMAP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DPORTMAP) <br/>
-
138 days agoAdded and upgraded support for 6 new L7 protocolsNew protocols include: <br/> - [TUYA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTUYA) <br/> - [APACHE_JSERV](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAPACHE_JSERV) <br/> - [TIBIA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTIBIA) <br/> - [SCPI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSCPI) <br/> - [DVR_IP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DDVR_IP) <br/> Upgraded protocols include: <br/> - [CWMP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCWMP) <br/>
-
142 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [APPLE_AIRPORT_ADMIN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAPPLE_AIRPORT_ADMIN) <br/>
-
158 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [IBMNJE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIBMNJE) <br/>
-
158 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [STEAM_IHS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSTEAM_IHS) <br/>
-
160 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [TACACS_PLUS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTACACS_PLUS) <br/>
-
166 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [LSP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DLSP) <br/>
-
170 days agoAdded support for 6 new L7 protocolsNew protocols include: <br/> - [ECHO](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DECHO) <br/> - [JAVA_RMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DJAVA_RMI) <br/> - [CCSO_NAMESERVER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCCSO_NAMESERVER) <br/> - [CISCO_FINGERD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_FINGERD) <br/> - [FINGERD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DFINGERD) <br/> - [AFP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAFP) <br/>
-
173 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [DAYTIME](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DDAYTIME) <br/>
-
177 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [HDDTEMP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHDDTEMP) <br/>
-
181 days agoAdded support for 7 new L7 protocolsNew protocols include: <br/> - [YAHOO_SMART_TV](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DYAHOO_SMART_TV) <br/> - [IRC_BOUNCER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIRC_BOUNCER) <br/> - [SAP_ROUTER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSAP_ROUTER) <br/> - [RIPPLE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRIPPLE) <br/> - [MULTISTREAM_SELECT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMULTISTREAM_SELECT) <br/> - [NNTP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNNTP) <br/> - [IOTA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIOTA) <br/>
-
184 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [CMORE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCMORE) <br/>
-
194 days agoImproved detection for web application firewalls.Search query: [services.labels="web-application-firewall"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=labels%3D%60web-application-firewall%60)
-
202 days agoAdded support for 5 new L7 protocolsNew protocols include: <br/> - [CISCO_IPSLA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_IPSLA) <br/> - [CRESTRON_CP3](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCRESTRON_CP3) <br/> - [RCON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRCON) <br/> - [VOTIFIER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DVOTIFIER) <br/> - [WHOIS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWHOIS) <br/>
-
206 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [7 DAYS TO DIE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSEVEN_DAYS_TO_DIE) <br/>
-
207 days agoAdded support for 2 new L7 protocolsNew protocols include: <br/> - [MINECRAFT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMINECRAFT) <br/> - [RIFATRON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRIFATRON) <br/>
-
207 days agoAdded support for 5 new L7 protocolsNew protocols include: <br/> - [REDLION_CRIMSON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DREDLION_CRIMSON) <br/> - [REALPORT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DREALPORT) <br/> - [GEARMAN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DGEARMAN) <br/> - [WINRM](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWINRM) <br/> - [CISCO_SMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_SMI) <br/>
-
208 days agoAdded whois.network.(allocation_type|created|updated) fieldsSearch query: [whois.network.allocation_type: "REALLOCATION"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=whois.network.allocation_type%3A+%22REALLOCATION%22)
-
212 days agoImproved detection for gaming-related services.Search query: [services.labels="gaming"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.labels%3D%22gaming%22)
-
215 days agoStarted scanning iSCSI (Internet Small Computer Systems Interface)Search query: [services.service_name="ISCSI"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3D%22ISCSI%22)
-
228 days agoStarted scanning for CIMON Programmable Logic Controllers (PLCs)Search query: [services.service_name="CIMON_PLC"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3D%22CIMON_PLC%22)
-
236 days agoStarted scanning for multiple TLS versions on servicesSearch query: [services.tls.versions.tls_version="SSLv3"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.tls.versions.tls_version%3D%22SSLv3%22)
-
236 days agoAdded whois.network.cidrs fieldSearch query: [whois.network.cidrs: 1.0.0.0/24](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=whois.network.cidrs%3A+1.0.0.0%2F24)
-
236 days agoAdded JA4S and JA4X fingerprints for scans and certificates respectivelySearch query: [services.tls.ja4s: *](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.tls.ja4s%3A+*), [parsed.ja4x: *](https://search.censys.io/search?resource=certificates&q=parsed.ja4x%3A+*)
-
249 days agoStarted scanning Fortinet FcmDaemon on TCP/8013Search query: [`services.service_name:FORTINET_FCM`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3AFORTINET_FCM)
-
264 days agoImproved Software Field Rendering in UIThe software field in the UI now renders the software name and version in a more human-readable format.
-
282 days agoReleased IP Whois data enrichmentThe new `whois` field available in Search and BigQuery can be used to search on IP Whois data.
-
298 days agoImproved detection for internet-connected printersSearch query: [`services.labels: printer`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A%22printer%22)
-
304 days agoAdded Shodan-compatible favicon hash fieldAdded a new `services.http.response.favicons.shodan_hash` field, which contains a hash that is built and formatted in the same way as Shodan's favicon hashes. This allows executing queries built for Shodan against the Censys dataset. To use the field, replace Shodan's `http.favicon.hash` field with Censys' [`services.http.response.favicons.shodan_hash: *`](https://search.censys.io/search/language?resource=hosts&q=services.http.response.favicons.shodan_hash%3A+*&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE) field. Values for the field will be filled in over the next few days, so results will be only partially-complete at first.
-
304 days agoAdded http favicons hashes fieldAdded a new `services.http.response.favicons.hashes` field, which includes multiple hash formats. The old `md5_hash` field still remains in place.
-
305 days agoImproved detection for internet-connected medical devicesSearch query: [`services.labels: medical-device`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A+%60medical-device%60)
-
312 days agoLaunch of Lite Certificates and Improved Certificate PerformanceCensys has re-enabled the Lite Certificates functionality of our Certificates Dataset to improve the stability and performance of Certificate queries. <br><br> Lite Certificates refers to a technique where Censys removes numerous indexed fields from our search index after a certificate has expired, allowing us to significantly shrink the amount of data needed to be stored and queried across. We expect this to increase the responsiveness and speed of Certificate queries, while still maintaining the most common fields used for searches such as names, fingerprints, serial numbers, subject information, and validity. <br><br> For more information, visit our help center article on [Censys Lite Certificates](https://support.censys.io/hc/en-us/articles/4405716032148-Censys-Lite-Certificates).
-
317 days agoAdded New Protocol Scanner: DCERPCA new protocol scanner for DCERPC has been deployed. DCE/RPC is a protocol used for remote procedure calls and is commonly used by Microsoft RPC found on TCP port 135. Censys is currently conducting a one-time prioritized scan of port 135 over the next 48-72 hours to fully populate our dataset with DCERPC services. <br><br> Example Query: [`services.service_name: DCERPC`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&q=services.service_name%3A+DCERPC)
-
320 days agoGeneral Availability of Historical Certificate APIs for All UsersTwo new Historical Certificate APIs are now available to all users. These endpoints allow users to inspect the observations of certificates across our entire collection historical scan data. <br><br> - [Certificate Observation History](https://search.censys.io/api#/certificates%20v2/getCertObservations) - Returns a list of observations containing hosts and their services which ever presented a given certificate fingerprint. <br><br> - [Host Certificate History](https://search.censys.io/api#/hosts/getCertsByHost) - Returns a list of observations containing certificates which were ever presented on a given host. <br><br> History is currently being back-populated for both of these APIs, and results are being populated from the most recent observations to the oldest. Please allow time for the full history to be populated and be made available. A future update will be provided when the process has completed and the full history is made available. <br><br> With this release, the [Hosts by Certificate](https://search.censys.io/api#/certificates%20v2/getHostsByCert) API is now deprecated and is scheduled for removal at a future date. Users should migrate to using the Search endpoint on the Host index using the `services.certificate={fingerprint}` query to find any hosts currently presenting a certificate. <br><br> For more information on getting started using the Search API, visit our [API Documentation](https://search.censys.io/api).
-
326 days agoIncrease Size of Searchable HTTP BodiesQuerying the field `services.http.response.body` will now search over the entire HTTP response body that Censys collects.
-
327 days agoExpose Pending Removal Service StateWhen Censys rescans a known service and the scan is not successful, Censys will maintain the service in its dataset and continue to retry scanning the service. If the service still cannot be successfully scanned after a waiting period it is removed. <br><br> This pending removal state is now exposed to end users through a new field: `services.pending_removal_since` and is set to the timestamp when the service transitioned to the pending removal state. This field is available for search and available on each service in the lookup API. The hosts details page has also been updated to include a pill to highlight when a service is in the pending removal state. <br><br> Example Search query: [`services.pending_removal_since: *`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.pending_removal_since%3A+*)
-
334 days agoAdded parsing of raw ELF binariesSome services return a raw ELF binary, and this was previously detected as `UNKNOWN`. The ELF header is now parsed, and detected as `ELF_FILE`. Search query: [`services.service_name: ELF_FILE`](https://search.censys.io/search?resource=hosts&q=services.service_name%3A+ELF_FILE)
-
339 days agoAdded detection for Apache OFBiz serversSearch query: [`services.software: (vendor: apache and product: ofbiz)`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software%3A+%28vendor%3A+apache+and+product%3A+ofbiz%29)
-
339 days agoAdded detection for FiercePhish, SocialPhish, Fake Coinbase, and Fake PaypalSearch query: [`services.software.product: {FiercePhish, SocialPhish, fake-coinbase, fake-paypal}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BFiercePhish%2C+SocialPhish%2C+fake-coinbase%2C+fake-paypal%7D)
-
339 days agoUpdated detection for EvilGoPhish, Gophish, and Fake USPS.Search query: [`services.software.product: {EvilGoPhish, Gophish, fake-usps}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BEvilGoPhish%2C+Gophish%2C+fake-usps%7D)
-
346 days agoStarted scanning Checkpoint TopologySearch query: [`services.service_name=CHECKPOINT_TOPOLOGY`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.service_name%3DCHECKPOINT_TOPOLOGY)
-
349 days agoAdded detection for Evilginx and EvilGoPhish serversSearch query: [`services.software.product: {Evilginx, EvilGoPhish}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BEvilginx%2C+EvilGoPhish%7D)
-
352 days agoRemoved response body from data-download hostsClients should use the `Location` header to follow 302 redirects
-
354 days agoStarted scanning SOCKSv5Search query: [`services.service_name: SOCKS`](https://search.censys.io/search?resource=hosts&q=services.service_name%3A+SOCKS)
-
355 days agoAdded detection for Asset Reconnaissance Lighthouse (ARL) and Browser Exploitation Framework (BeEF) serversSearch query: [`services.software.product: {asset-reconnaissance-lighthouse, browser-exploitation-framework}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7Basset-reconnaissance-lighthouse%2C+browser-exploitation-framework%7D)
-
355 days agoImproved detection for open directoriesSearch query: [`labels: open-dir`](https://search.censys.io/search?resource=hosts&q=labels%3A+open-dir)
-
355 days agoAdded detection for Fake Chrome Update and USPS Phishing servers
-
361 days agoAdded new solo subscription tier
-
361 days agoStarted scanning SNMPv3
-
362 days agoAdd new documentation for hosts fields
-
366 days agoStarted scanning L2TP UDP port 1701