-
92 days agoReverted the previous change to redacted date fields in HTTP responses. Some values may take time to refresh and return to their previous states.Read more [here](https://status.censys.com/incidents/dsg9rb188qvq).
-
97 days agoFixed an error where redacted date fields in HTTP responses had a spurious space in the redaction notation ("<REDACTED>"). This will affect banner hashes for all impacted HTTP services.
-
104 days agoAdded detection for RLOGIN, NTRIP, PGBOUNCER. Upgraded WS_DISCOVERYNew/Updated protocols include: <br/> - [RLOGIN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRLOGIN) <br/> - [NTRIP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNTRIP) <br/> - [PGBOUNCER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DPGBOUNCER) <br/> - [WS_DISCOVERY](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWS_DISCOVERY) <br/>
-
111 days agoAdded detection for suspicious open directoriesSearch query: [`labels: suspicious-open-dir`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+suspicious-open-dir)
-
120 days agoExpanded detection of Murmur/Mumble serversNew/Updated protocols include: <br/> - [MURMUR Servers (new) ](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services%3A+%28service_name%3A+murmur+and+transport_protocol%3A+tcp%29) <br/> - [MURMUR Tunnels (existing)](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services%3A+%28service_name%3A+murmur+and+transport_protocol%3A+udp%29) <br/>
-
123 days agoAdded detection for CMORE_HMI. Upgraded RTSP + mDNS.New/Updated protocols include: <br/> - [CMORE_HMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCMORE_HMI) <br/> - [RTSP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRTSP) <br/> - [MDNS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMDNS) <br/>
-
152 days agoAdded detection for suspended servers.Search query: [`labels: suspended`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+suspended)
-
158 days agoAdded detection for ser2net, NBD, Weblogic-T3, Spice, ONVIF, and Hikvision.New protocols include: <br/> - [SER2NET](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSER2NET) <br/> - [NBD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNBD) <br/> - [WEBLOGIC_T3](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWEBLOGIC_T3) <br/> - [SPICE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSPICE) <br/> - [ONVIF](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DONVIF) <br/> - [HIKVISION](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHIKVISION) <br/>
-
166 days agoAdded detection for bulletproof hosting providers.Search query: [`labels: bulletproof`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+bulletproof) Learn more about [bulletproof hosting](https://en.wikipedia.org/wiki/Bulletproof_hosting).
-
169 days agoImproved detection for usenet-related services.Search query: [`services.labels: usenet`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A+%60usenet%60)
-
174 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [VENTRILO](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DVENTRILO) <br/>
-
176 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [CHROMECAST](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCHROMECAST) <br/>
-
180 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [HID_VERTX](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHID_VERTX) <br/>
-
181 days agoUpgraded support for 1 new L7 protocolUpgraded protocols include: <br/> - [PORTMAP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DPORTMAP) <br/>
-
182 days agoAdded and upgraded support for 6 new L7 protocolsNew protocols include: <br/> - [TUYA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTUYA) <br/> - [APACHE_JSERV](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAPACHE_JSERV) <br/> - [TIBIA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTIBIA) <br/> - [SCPI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSCPI) <br/> - [DVR_IP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DDVR_IP) <br/> Upgraded protocols include: <br/> - [CWMP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCWMP) <br/>
-
186 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [APPLE_AIRPORT_ADMIN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAPPLE_AIRPORT_ADMIN) <br/>
-
202 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [IBMNJE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIBMNJE) <br/>
-
202 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [STEAM_IHS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSTEAM_IHS) <br/>
-
204 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [TACACS_PLUS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTACACS_PLUS) <br/>
-
210 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [LSP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DLSP) <br/>
-
214 days agoAdded support for 6 new L7 protocolsNew protocols include: <br/> - [ECHO](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DECHO) <br/> - [JAVA_RMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DJAVA_RMI) <br/> - [CCSO_NAMESERVER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCCSO_NAMESERVER) <br/> - [CISCO_FINGERD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_FINGERD) <br/> - [FINGERD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DFINGERD) <br/> - [AFP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAFP) <br/>
-
217 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [DAYTIME](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DDAYTIME) <br/>
-
221 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [HDDTEMP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHDDTEMP) <br/>
-
225 days agoAdded support for 7 new L7 protocolsNew protocols include: <br/> - [YAHOO_SMART_TV](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DYAHOO_SMART_TV) <br/> - [IRC_BOUNCER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIRC_BOUNCER) <br/> - [SAP_ROUTER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSAP_ROUTER) <br/> - [RIPPLE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRIPPLE) <br/> - [MULTISTREAM_SELECT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMULTISTREAM_SELECT) <br/> - [NNTP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNNTP) <br/> - [IOTA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIOTA) <br/>
-
228 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [CMORE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCMORE) <br/>
-
238 days agoImproved detection for web application firewalls.Search query: [services.labels="web-application-firewall"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=labels%3D%60web-application-firewall%60)
-
246 days agoAdded support for 5 new L7 protocolsNew protocols include: <br/> - [CISCO_IPSLA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_IPSLA) <br/> - [CRESTRON_CP3](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCRESTRON_CP3) <br/> - [RCON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRCON) <br/> - [VOTIFIER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DVOTIFIER) <br/> - [WHOIS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWHOIS) <br/>
-
250 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [7 DAYS TO DIE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSEVEN_DAYS_TO_DIE) <br/>
-
251 days agoAdded support for 2 new L7 protocolsNew protocols include: <br/> - [MINECRAFT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMINECRAFT) <br/> - [RIFATRON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRIFATRON) <br/>
-
251 days agoAdded support for 5 new L7 protocolsNew protocols include: <br/> - [REDLION_CRIMSON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DREDLION_CRIMSON) <br/> - [REALPORT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DREALPORT) <br/> - [GEARMAN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DGEARMAN) <br/> - [WINRM](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWINRM) <br/> - [CISCO_SMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_SMI) <br/>
-
252 days agoAdded whois.network.(allocation_type|created|updated) fieldsSearch query: [whois.network.allocation_type: "REALLOCATION"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=whois.network.allocation_type%3A+%22REALLOCATION%22)
-
256 days agoImproved detection for gaming-related services.Search query: [services.labels="gaming"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.labels%3D%22gaming%22)
-
259 days agoStarted scanning iSCSI (Internet Small Computer Systems Interface)Search query: [services.service_name="ISCSI"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3D%22ISCSI%22)
-
272 days agoStarted scanning for CIMON Programmable Logic Controllers (PLCs)Search query: [services.service_name="CIMON_PLC"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3D%22CIMON_PLC%22)
-
280 days agoStarted scanning for multiple TLS versions on servicesSearch query: [services.tls.versions.tls_version="SSLv3"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.tls.versions.tls_version%3D%22SSLv3%22)
-
280 days agoAdded whois.network.cidrs fieldSearch query: [whois.network.cidrs: 1.0.0.0/24](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=whois.network.cidrs%3A+1.0.0.0%2F24)
-
280 days agoAdded JA4S and JA4X fingerprints for scans and certificates respectivelySearch query: [services.tls.ja4s: *](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.tls.ja4s%3A+*), [parsed.ja4x: *](https://search.censys.io/search?resource=certificates&q=parsed.ja4x%3A+*)
-
293 days agoStarted scanning Fortinet FcmDaemon on TCP/8013Search query: [`services.service_name:FORTINET_FCM`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3AFORTINET_FCM)
-
308 days agoImproved Software Field Rendering in UIThe software field in the UI now renders the software name and version in a more human-readable format.
-
326 days agoReleased IP Whois data enrichmentThe new `whois` field available in Search and BigQuery can be used to search on IP Whois data.
-
342 days agoImproved detection for internet-connected printersSearch query: [`services.labels: printer`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A%22printer%22)
-
348 days agoAdded Shodan-compatible favicon hash fieldAdded a new `services.http.response.favicons.shodan_hash` field, which contains a hash that is built and formatted in the same way as Shodan's favicon hashes. This allows executing queries built for Shodan against the Censys dataset. To use the field, replace Shodan's `http.favicon.hash` field with Censys' [`services.http.response.favicons.shodan_hash: *`](https://search.censys.io/search/language?resource=hosts&q=services.http.response.favicons.shodan_hash%3A+*&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE) field. Values for the field will be filled in over the next few days, so results will be only partially-complete at first.
-
348 days agoAdded http favicons hashes fieldAdded a new `services.http.response.favicons.hashes` field, which includes multiple hash formats. The old `md5_hash` field still remains in place.
-
349 days agoImproved detection for internet-connected medical devicesSearch query: [`services.labels: medical-device`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A+%60medical-device%60)
-
356 days agoLaunch of Lite Certificates and Improved Certificate PerformanceCensys has re-enabled the Lite Certificates functionality of our Certificates Dataset to improve the stability and performance of Certificate queries. <br><br> Lite Certificates refers to a technique where Censys removes numerous indexed fields from our search index after a certificate has expired, allowing us to significantly shrink the amount of data needed to be stored and queried across. We expect this to increase the responsiveness and speed of Certificate queries, while still maintaining the most common fields used for searches such as names, fingerprints, serial numbers, subject information, and validity. <br><br> For more information, visit our help center article on [Censys Lite Certificates](https://support.censys.io/hc/en-us/articles/4405716032148-Censys-Lite-Certificates).
-
361 days agoAdded New Protocol Scanner: DCERPCA new protocol scanner for DCERPC has been deployed. DCE/RPC is a protocol used for remote procedure calls and is commonly used by Microsoft RPC found on TCP port 135. Censys is currently conducting a one-time prioritized scan of port 135 over the next 48-72 hours to fully populate our dataset with DCERPC services. <br><br> Example Query: [`services.service_name: DCERPC`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&q=services.service_name%3A+DCERPC)
-
364 days agoGeneral Availability of Historical Certificate APIs for All UsersTwo new Historical Certificate APIs are now available to all users. These endpoints allow users to inspect the observations of certificates across our entire collection historical scan data. <br><br> - [Certificate Observation History](https://search.censys.io/api#/certificates%20v2/getCertObservations) - Returns a list of observations containing hosts and their services which ever presented a given certificate fingerprint. <br><br> - [Host Certificate History](https://search.censys.io/api#/hosts/getCertsByHost) - Returns a list of observations containing certificates which were ever presented on a given host. <br><br> History is currently being back-populated for both of these APIs, and results are being populated from the most recent observations to the oldest. Please allow time for the full history to be populated and be made available. A future update will be provided when the process has completed and the full history is made available. <br><br> With this release, the [Hosts by Certificate](https://search.censys.io/api#/certificates%20v2/getHostsByCert) API is now deprecated and is scheduled for removal at a future date. Users should migrate to using the Search endpoint on the Host index using the `services.certificate={fingerprint}` query to find any hosts currently presenting a certificate. <br><br> For more information on getting started using the Search API, visit our [API Documentation](https://search.censys.io/api).
-
370 days agoIncrease Size of Searchable HTTP BodiesQuerying the field `services.http.response.body` will now search over the entire HTTP response body that Censys collects.
-
371 days agoExpose Pending Removal Service StateWhen Censys rescans a known service and the scan is not successful, Censys will maintain the service in its dataset and continue to retry scanning the service. If the service still cannot be successfully scanned after a waiting period it is removed. <br><br> This pending removal state is now exposed to end users through a new field: `services.pending_removal_since` and is set to the timestamp when the service transitioned to the pending removal state. This field is available for search and available on each service in the lookup API. The hosts details page has also been updated to include a pill to highlight when a service is in the pending removal state. <br><br> Example Search query: [`services.pending_removal_since: *`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.pending_removal_since%3A+*)
-
378 days agoAdded parsing of raw ELF binariesSome services return a raw ELF binary, and this was previously detected as `UNKNOWN`. The ELF header is now parsed, and detected as `ELF_FILE`. Search query: [`services.service_name: ELF_FILE`](https://search.censys.io/search?resource=hosts&q=services.service_name%3A+ELF_FILE)
-
383 days agoAdded detection for Apache OFBiz serversSearch query: [`services.software: (vendor: apache and product: ofbiz)`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software%3A+%28vendor%3A+apache+and+product%3A+ofbiz%29)
-
383 days agoAdded detection for FiercePhish, SocialPhish, Fake Coinbase, and Fake PaypalSearch query: [`services.software.product: {FiercePhish, SocialPhish, fake-coinbase, fake-paypal}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BFiercePhish%2C+SocialPhish%2C+fake-coinbase%2C+fake-paypal%7D)
-
383 days agoUpdated detection for EvilGoPhish, Gophish, and Fake USPS.Search query: [`services.software.product: {EvilGoPhish, Gophish, fake-usps}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BEvilGoPhish%2C+Gophish%2C+fake-usps%7D)
-
390 days agoStarted scanning Checkpoint TopologySearch query: [`services.service_name=CHECKPOINT_TOPOLOGY`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.service_name%3DCHECKPOINT_TOPOLOGY)
-
393 days agoAdded detection for Evilginx and EvilGoPhish serversSearch query: [`services.software.product: {Evilginx, EvilGoPhish}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BEvilginx%2C+EvilGoPhish%7D)
-
396 days agoRemoved response body from data-download hostsClients should use the `Location` header to follow 302 redirects
-
398 days agoStarted scanning SOCKSv5Search query: [`services.service_name: SOCKS`](https://search.censys.io/search?resource=hosts&q=services.service_name%3A+SOCKS)
-
399 days agoAdded detection for Asset Reconnaissance Lighthouse (ARL) and Browser Exploitation Framework (BeEF) serversSearch query: [`services.software.product: {asset-reconnaissance-lighthouse, browser-exploitation-framework}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7Basset-reconnaissance-lighthouse%2C+browser-exploitation-framework%7D)
-
399 days agoImproved detection for open directoriesSearch query: [`labels: open-dir`](https://search.censys.io/search?resource=hosts&q=labels%3A+open-dir)
-
399 days agoAdded detection for Fake Chrome Update and USPS Phishing servers
-
405 days agoAdded new solo subscription tier
-
405 days agoStarted scanning SNMPv3
-
406 days agoAdd new documentation for hosts fields
-
410 days agoStarted scanning L2TP UDP port 1701