-
56 days agoReverted the previous change to redacted date fields in HTTP responses. Some values may take time to refresh and return to their previous states.Read more [here](https://status.censys.com/incidents/dsg9rb188qvq).
-
61 days agoFixed an error where redacted date fields in HTTP responses had a spurious space in the redaction notation ("<REDACTED>"). This will affect banner hashes for all impacted HTTP services.
-
68 days agoAdded detection for RLOGIN, NTRIP, PGBOUNCER. Upgraded WS_DISCOVERYNew/Updated protocols include: <br/> - [RLOGIN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRLOGIN) <br/> - [NTRIP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNTRIP) <br/> - [PGBOUNCER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DPGBOUNCER) <br/> - [WS_DISCOVERY](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWS_DISCOVERY) <br/>
-
75 days agoAdded detection for suspicious open directoriesSearch query: [`labels: suspicious-open-dir`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+suspicious-open-dir)
-
84 days agoExpanded detection of Murmur/Mumble serversNew/Updated protocols include: <br/> - [MURMUR Servers (new) ](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services%3A+%28service_name%3A+murmur+and+transport_protocol%3A+tcp%29) <br/> - [MURMUR Tunnels (existing)](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services%3A+%28service_name%3A+murmur+and+transport_protocol%3A+udp%29) <br/>
-
87 days agoAdded detection for CMORE_HMI. Upgraded RTSP + mDNS.New/Updated protocols include: <br/> - [CMORE_HMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCMORE_HMI) <br/> - [RTSP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRTSP) <br/> - [MDNS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMDNS) <br/>
-
116 days agoAdded detection for suspended servers.Search query: [`labels: suspended`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+suspended)
-
122 days agoAdded detection for ser2net, NBD, Weblogic-T3, Spice, ONVIF, and Hikvision.New protocols include: <br/> - [SER2NET](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSER2NET) <br/> - [NBD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNBD) <br/> - [WEBLOGIC_T3](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWEBLOGIC_T3) <br/> - [SPICE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSPICE) <br/> - [ONVIF](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DONVIF) <br/> - [HIKVISION](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHIKVISION) <br/>
-
130 days agoAdded detection for bulletproof hosting providers.Search query: [`labels: bulletproof`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+bulletproof) Learn more about [bulletproof hosting](https://en.wikipedia.org/wiki/Bulletproof_hosting).
-
133 days agoImproved detection for usenet-related services.Search query: [`services.labels: usenet`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A+%60usenet%60)
-
138 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [VENTRILO](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DVENTRILO) <br/>
-
140 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [CHROMECAST](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCHROMECAST) <br/>
-
144 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [HID_VERTX](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHID_VERTX) <br/>
-
145 days agoUpgraded support for 1 new L7 protocolUpgraded protocols include: <br/> - [PORTMAP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DPORTMAP) <br/>
-
146 days agoAdded and upgraded support for 6 new L7 protocolsNew protocols include: <br/> - [TUYA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTUYA) <br/> - [APACHE_JSERV](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAPACHE_JSERV) <br/> - [TIBIA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTIBIA) <br/> - [SCPI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSCPI) <br/> - [DVR_IP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DDVR_IP) <br/> Upgraded protocols include: <br/> - [CWMP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCWMP) <br/>
-
150 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [APPLE_AIRPORT_ADMIN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAPPLE_AIRPORT_ADMIN) <br/>
-
166 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [IBMNJE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIBMNJE) <br/>
-
166 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [STEAM_IHS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSTEAM_IHS) <br/>
-
168 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [TACACS_PLUS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTACACS_PLUS) <br/>
-
174 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [LSP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DLSP) <br/>
-
178 days agoAdded support for 6 new L7 protocolsNew protocols include: <br/> - [ECHO](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DECHO) <br/> - [JAVA_RMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DJAVA_RMI) <br/> - [CCSO_NAMESERVER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCCSO_NAMESERVER) <br/> - [CISCO_FINGERD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_FINGERD) <br/> - [FINGERD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DFINGERD) <br/> - [AFP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAFP) <br/>
-
181 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [DAYTIME](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DDAYTIME) <br/>
-
185 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [HDDTEMP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHDDTEMP) <br/>
-
189 days agoAdded support for 7 new L7 protocolsNew protocols include: <br/> - [YAHOO_SMART_TV](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DYAHOO_SMART_TV) <br/> - [IRC_BOUNCER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIRC_BOUNCER) <br/> - [SAP_ROUTER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSAP_ROUTER) <br/> - [RIPPLE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRIPPLE) <br/> - [MULTISTREAM_SELECT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMULTISTREAM_SELECT) <br/> - [NNTP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNNTP) <br/> - [IOTA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIOTA) <br/>
-
192 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [CMORE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCMORE) <br/>
-
202 days agoImproved detection for web application firewalls.Search query: [services.labels="web-application-firewall"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=labels%3D%60web-application-firewall%60)
-
210 days agoAdded support for 5 new L7 protocolsNew protocols include: <br/> - [CISCO_IPSLA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_IPSLA) <br/> - [CRESTRON_CP3](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCRESTRON_CP3) <br/> - [RCON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRCON) <br/> - [VOTIFIER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DVOTIFIER) <br/> - [WHOIS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWHOIS) <br/>
-
214 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [7 DAYS TO DIE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSEVEN_DAYS_TO_DIE) <br/>
-
215 days agoAdded support for 2 new L7 protocolsNew protocols include: <br/> - [MINECRAFT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMINECRAFT) <br/> - [RIFATRON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRIFATRON) <br/>
-
215 days agoAdded support for 5 new L7 protocolsNew protocols include: <br/> - [REDLION_CRIMSON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DREDLION_CRIMSON) <br/> - [REALPORT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DREALPORT) <br/> - [GEARMAN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DGEARMAN) <br/> - [WINRM](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWINRM) <br/> - [CISCO_SMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_SMI) <br/>
-
216 days agoAdded whois.network.(allocation_type|created|updated) fieldsSearch query: [whois.network.allocation_type: "REALLOCATION"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=whois.network.allocation_type%3A+%22REALLOCATION%22)
-
220 days agoImproved detection for gaming-related services.Search query: [services.labels="gaming"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.labels%3D%22gaming%22)
-
223 days agoStarted scanning iSCSI (Internet Small Computer Systems Interface)Search query: [services.service_name="ISCSI"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3D%22ISCSI%22)
-
236 days agoStarted scanning for CIMON Programmable Logic Controllers (PLCs)Search query: [services.service_name="CIMON_PLC"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3D%22CIMON_PLC%22)
-
244 days agoStarted scanning for multiple TLS versions on servicesSearch query: [services.tls.versions.tls_version="SSLv3"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.tls.versions.tls_version%3D%22SSLv3%22)
-
244 days agoAdded whois.network.cidrs fieldSearch query: [whois.network.cidrs: 1.0.0.0/24](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=whois.network.cidrs%3A+1.0.0.0%2F24)
-
244 days agoAdded JA4S and JA4X fingerprints for scans and certificates respectivelySearch query: [services.tls.ja4s: *](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.tls.ja4s%3A+*), [parsed.ja4x: *](https://search.censys.io/search?resource=certificates&q=parsed.ja4x%3A+*)
-
257 days agoStarted scanning Fortinet FcmDaemon on TCP/8013Search query: [`services.service_name:FORTINET_FCM`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3AFORTINET_FCM)
-
272 days agoImproved Software Field Rendering in UIThe software field in the UI now renders the software name and version in a more human-readable format.
-
290 days agoReleased IP Whois data enrichmentThe new `whois` field available in Search and BigQuery can be used to search on IP Whois data.
-
306 days agoImproved detection for internet-connected printersSearch query: [`services.labels: printer`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A%22printer%22)
-
312 days agoAdded Shodan-compatible favicon hash fieldAdded a new `services.http.response.favicons.shodan_hash` field, which contains a hash that is built and formatted in the same way as Shodan's favicon hashes. This allows executing queries built for Shodan against the Censys dataset. To use the field, replace Shodan's `http.favicon.hash` field with Censys' [`services.http.response.favicons.shodan_hash: *`](https://search.censys.io/search/language?resource=hosts&q=services.http.response.favicons.shodan_hash%3A+*&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE) field. Values for the field will be filled in over the next few days, so results will be only partially-complete at first.
-
312 days agoAdded http favicons hashes fieldAdded a new `services.http.response.favicons.hashes` field, which includes multiple hash formats. The old `md5_hash` field still remains in place.
-
313 days agoImproved detection for internet-connected medical devicesSearch query: [`services.labels: medical-device`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A+%60medical-device%60)
-
320 days agoLaunch of Lite Certificates and Improved Certificate PerformanceCensys has re-enabled the Lite Certificates functionality of our Certificates Dataset to improve the stability and performance of Certificate queries. <br><br> Lite Certificates refers to a technique where Censys removes numerous indexed fields from our search index after a certificate has expired, allowing us to significantly shrink the amount of data needed to be stored and queried across. We expect this to increase the responsiveness and speed of Certificate queries, while still maintaining the most common fields used for searches such as names, fingerprints, serial numbers, subject information, and validity. <br><br> For more information, visit our help center article on [Censys Lite Certificates](https://support.censys.io/hc/en-us/articles/4405716032148-Censys-Lite-Certificates).
-
325 days agoAdded New Protocol Scanner: DCERPCA new protocol scanner for DCERPC has been deployed. DCE/RPC is a protocol used for remote procedure calls and is commonly used by Microsoft RPC found on TCP port 135. Censys is currently conducting a one-time prioritized scan of port 135 over the next 48-72 hours to fully populate our dataset with DCERPC services. <br><br> Example Query: [`services.service_name: DCERPC`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&q=services.service_name%3A+DCERPC)
-
328 days agoGeneral Availability of Historical Certificate APIs for All UsersTwo new Historical Certificate APIs are now available to all users. These endpoints allow users to inspect the observations of certificates across our entire collection historical scan data. <br><br> - [Certificate Observation History](https://search.censys.io/api#/certificates%20v2/getCertObservations) - Returns a list of observations containing hosts and their services which ever presented a given certificate fingerprint. <br><br> - [Host Certificate History](https://search.censys.io/api#/hosts/getCertsByHost) - Returns a list of observations containing certificates which were ever presented on a given host. <br><br> History is currently being back-populated for both of these APIs, and results are being populated from the most recent observations to the oldest. Please allow time for the full history to be populated and be made available. A future update will be provided when the process has completed and the full history is made available. <br><br> With this release, the [Hosts by Certificate](https://search.censys.io/api#/certificates%20v2/getHostsByCert) API is now deprecated and is scheduled for removal at a future date. Users should migrate to using the Search endpoint on the Host index using the `services.certificate={fingerprint}` query to find any hosts currently presenting a certificate. <br><br> For more information on getting started using the Search API, visit our [API Documentation](https://search.censys.io/api).
-
334 days agoIncrease Size of Searchable HTTP BodiesQuerying the field `services.http.response.body` will now search over the entire HTTP response body that Censys collects.
-
335 days agoExpose Pending Removal Service StateWhen Censys rescans a known service and the scan is not successful, Censys will maintain the service in its dataset and continue to retry scanning the service. If the service still cannot be successfully scanned after a waiting period it is removed. <br><br> This pending removal state is now exposed to end users through a new field: `services.pending_removal_since` and is set to the timestamp when the service transitioned to the pending removal state. This field is available for search and available on each service in the lookup API. The hosts details page has also been updated to include a pill to highlight when a service is in the pending removal state. <br><br> Example Search query: [`services.pending_removal_since: *`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.pending_removal_since%3A+*)
-
342 days agoAdded parsing of raw ELF binariesSome services return a raw ELF binary, and this was previously detected as `UNKNOWN`. The ELF header is now parsed, and detected as `ELF_FILE`. Search query: [`services.service_name: ELF_FILE`](https://search.censys.io/search?resource=hosts&q=services.service_name%3A+ELF_FILE)
-
347 days agoAdded detection for Apache OFBiz serversSearch query: [`services.software: (vendor: apache and product: ofbiz)`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software%3A+%28vendor%3A+apache+and+product%3A+ofbiz%29)
-
347 days agoAdded detection for FiercePhish, SocialPhish, Fake Coinbase, and Fake PaypalSearch query: [`services.software.product: {FiercePhish, SocialPhish, fake-coinbase, fake-paypal}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BFiercePhish%2C+SocialPhish%2C+fake-coinbase%2C+fake-paypal%7D)
-
347 days agoUpdated detection for EvilGoPhish, Gophish, and Fake USPS.Search query: [`services.software.product: {EvilGoPhish, Gophish, fake-usps}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BEvilGoPhish%2C+Gophish%2C+fake-usps%7D)
-
354 days agoStarted scanning Checkpoint TopologySearch query: [`services.service_name=CHECKPOINT_TOPOLOGY`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.service_name%3DCHECKPOINT_TOPOLOGY)
-
357 days agoAdded detection for Evilginx and EvilGoPhish serversSearch query: [`services.software.product: {Evilginx, EvilGoPhish}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BEvilginx%2C+EvilGoPhish%7D)
-
360 days agoRemoved response body from data-download hostsClients should use the `Location` header to follow 302 redirects
-
362 days agoStarted scanning SOCKSv5Search query: [`services.service_name: SOCKS`](https://search.censys.io/search?resource=hosts&q=services.service_name%3A+SOCKS)
-
363 days agoAdded detection for Asset Reconnaissance Lighthouse (ARL) and Browser Exploitation Framework (BeEF) serversSearch query: [`services.software.product: {asset-reconnaissance-lighthouse, browser-exploitation-framework}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7Basset-reconnaissance-lighthouse%2C+browser-exploitation-framework%7D)
-
363 days agoImproved detection for open directoriesSearch query: [`labels: open-dir`](https://search.censys.io/search?resource=hosts&q=labels%3A+open-dir)
-
363 days agoAdded detection for Fake Chrome Update and USPS Phishing servers
-
369 days agoAdded new solo subscription tier
-
369 days agoStarted scanning SNMPv3
-
370 days agoAdd new documentation for hosts fields
-
374 days agoStarted scanning L2TP UDP port 1701