-
53 days agoReverted the previous change to redacted date fields in HTTP responses. Some values may take time to refresh and return to their previous states.Read more [here](https://status.censys.com/incidents/dsg9rb188qvq).
-
58 days agoFixed an error where redacted date fields in HTTP responses had a spurious space in the redaction notation ("<REDACTED>"). This will affect banner hashes for all impacted HTTP services.
-
65 days agoAdded detection for RLOGIN, NTRIP, PGBOUNCER. Upgraded WS_DISCOVERYNew/Updated protocols include: <br/> - [RLOGIN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRLOGIN) <br/> - [NTRIP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNTRIP) <br/> - [PGBOUNCER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DPGBOUNCER) <br/> - [WS_DISCOVERY](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWS_DISCOVERY) <br/>
-
72 days agoAdded detection for suspicious open directoriesSearch query: [`labels: suspicious-open-dir`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+suspicious-open-dir)
-
81 days agoExpanded detection of Murmur/Mumble serversNew/Updated protocols include: <br/> - [MURMUR Servers (new) ](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services%3A+%28service_name%3A+murmur+and+transport_protocol%3A+tcp%29) <br/> - [MURMUR Tunnels (existing)](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services%3A+%28service_name%3A+murmur+and+transport_protocol%3A+udp%29) <br/>
-
84 days agoAdded detection for CMORE_HMI. Upgraded RTSP + mDNS.New/Updated protocols include: <br/> - [CMORE_HMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCMORE_HMI) <br/> - [RTSP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRTSP) <br/> - [MDNS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMDNS) <br/>
-
113 days agoAdded detection for suspended servers.Search query: [`labels: suspended`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+suspended)
-
119 days agoAdded detection for ser2net, NBD, Weblogic-T3, Spice, ONVIF, and Hikvision.New protocols include: <br/> - [SER2NET](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSER2NET) <br/> - [NBD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNBD) <br/> - [WEBLOGIC_T3](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWEBLOGIC_T3) <br/> - [SPICE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSPICE) <br/> - [ONVIF](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DONVIF) <br/> - [HIKVISION](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHIKVISION) <br/>
-
127 days agoAdded detection for bulletproof hosting providers.Search query: [`labels: bulletproof`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+bulletproof) Learn more about [bulletproof hosting](https://en.wikipedia.org/wiki/Bulletproof_hosting).
-
130 days agoImproved detection for usenet-related services.Search query: [`services.labels: usenet`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A+%60usenet%60)
-
135 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [VENTRILO](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DVENTRILO) <br/>
-
137 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [CHROMECAST](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCHROMECAST) <br/>
-
141 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [HID_VERTX](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHID_VERTX) <br/>
-
142 days agoUpgraded support for 1 new L7 protocolUpgraded protocols include: <br/> - [PORTMAP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DPORTMAP) <br/>
-
143 days agoAdded and upgraded support for 6 new L7 protocolsNew protocols include: <br/> - [TUYA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTUYA) <br/> - [APACHE_JSERV](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAPACHE_JSERV) <br/> - [TIBIA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTIBIA) <br/> - [SCPI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSCPI) <br/> - [DVR_IP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DDVR_IP) <br/> Upgraded protocols include: <br/> - [CWMP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCWMP) <br/>
-
147 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [APPLE_AIRPORT_ADMIN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAPPLE_AIRPORT_ADMIN) <br/>
-
163 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [IBMNJE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIBMNJE) <br/>
-
163 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [STEAM_IHS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSTEAM_IHS) <br/>
-
165 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [TACACS_PLUS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTACACS_PLUS) <br/>
-
171 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [LSP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DLSP) <br/>
-
175 days agoAdded support for 6 new L7 protocolsNew protocols include: <br/> - [ECHO](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DECHO) <br/> - [JAVA_RMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DJAVA_RMI) <br/> - [CCSO_NAMESERVER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCCSO_NAMESERVER) <br/> - [CISCO_FINGERD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_FINGERD) <br/> - [FINGERD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DFINGERD) <br/> - [AFP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAFP) <br/>
-
178 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [DAYTIME](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DDAYTIME) <br/>
-
182 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [HDDTEMP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHDDTEMP) <br/>
-
186 days agoAdded support for 7 new L7 protocolsNew protocols include: <br/> - [YAHOO_SMART_TV](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DYAHOO_SMART_TV) <br/> - [IRC_BOUNCER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIRC_BOUNCER) <br/> - [SAP_ROUTER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSAP_ROUTER) <br/> - [RIPPLE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRIPPLE) <br/> - [MULTISTREAM_SELECT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMULTISTREAM_SELECT) <br/> - [NNTP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNNTP) <br/> - [IOTA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIOTA) <br/>
-
189 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [CMORE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCMORE) <br/>
-
199 days agoImproved detection for web application firewalls.Search query: [services.labels="web-application-firewall"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=labels%3D%60web-application-firewall%60)
-
207 days agoAdded support for 5 new L7 protocolsNew protocols include: <br/> - [CISCO_IPSLA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_IPSLA) <br/> - [CRESTRON_CP3](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCRESTRON_CP3) <br/> - [RCON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRCON) <br/> - [VOTIFIER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DVOTIFIER) <br/> - [WHOIS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWHOIS) <br/>
-
211 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [7 DAYS TO DIE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSEVEN_DAYS_TO_DIE) <br/>
-
212 days agoAdded support for 2 new L7 protocolsNew protocols include: <br/> - [MINECRAFT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMINECRAFT) <br/> - [RIFATRON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRIFATRON) <br/>
-
212 days agoAdded support for 5 new L7 protocolsNew protocols include: <br/> - [REDLION_CRIMSON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DREDLION_CRIMSON) <br/> - [REALPORT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DREALPORT) <br/> - [GEARMAN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DGEARMAN) <br/> - [WINRM](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWINRM) <br/> - [CISCO_SMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_SMI) <br/>
-
213 days agoAdded whois.network.(allocation_type|created|updated) fieldsSearch query: [whois.network.allocation_type: "REALLOCATION"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=whois.network.allocation_type%3A+%22REALLOCATION%22)
-
217 days agoImproved detection for gaming-related services.Search query: [services.labels="gaming"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.labels%3D%22gaming%22)
-
220 days agoStarted scanning iSCSI (Internet Small Computer Systems Interface)Search query: [services.service_name="ISCSI"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3D%22ISCSI%22)
-
233 days agoStarted scanning for CIMON Programmable Logic Controllers (PLCs)Search query: [services.service_name="CIMON_PLC"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3D%22CIMON_PLC%22)
-
241 days agoStarted scanning for multiple TLS versions on servicesSearch query: [services.tls.versions.tls_version="SSLv3"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.tls.versions.tls_version%3D%22SSLv3%22)
-
241 days agoAdded whois.network.cidrs fieldSearch query: [whois.network.cidrs: 1.0.0.0/24](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=whois.network.cidrs%3A+1.0.0.0%2F24)
-
241 days agoAdded JA4S and JA4X fingerprints for scans and certificates respectivelySearch query: [services.tls.ja4s: *](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.tls.ja4s%3A+*), [parsed.ja4x: *](https://search.censys.io/search?resource=certificates&q=parsed.ja4x%3A+*)
-
254 days agoStarted scanning Fortinet FcmDaemon on TCP/8013Search query: [`services.service_name:FORTINET_FCM`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3AFORTINET_FCM)
-
269 days agoImproved Software Field Rendering in UIThe software field in the UI now renders the software name and version in a more human-readable format.
-
287 days agoReleased IP Whois data enrichmentThe new `whois` field available in Search and BigQuery can be used to search on IP Whois data.
-
303 days agoImproved detection for internet-connected printersSearch query: [`services.labels: printer`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A%22printer%22)
-
309 days agoAdded Shodan-compatible favicon hash fieldAdded a new `services.http.response.favicons.shodan_hash` field, which contains a hash that is built and formatted in the same way as Shodan's favicon hashes. This allows executing queries built for Shodan against the Censys dataset. To use the field, replace Shodan's `http.favicon.hash` field with Censys' [`services.http.response.favicons.shodan_hash: *`](https://search.censys.io/search/language?resource=hosts&q=services.http.response.favicons.shodan_hash%3A+*&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE) field. Values for the field will be filled in over the next few days, so results will be only partially-complete at first.
-
309 days agoAdded http favicons hashes fieldAdded a new `services.http.response.favicons.hashes` field, which includes multiple hash formats. The old `md5_hash` field still remains in place.
-
310 days agoImproved detection for internet-connected medical devicesSearch query: [`services.labels: medical-device`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A+%60medical-device%60)
-
317 days agoLaunch of Lite Certificates and Improved Certificate PerformanceCensys has re-enabled the Lite Certificates functionality of our Certificates Dataset to improve the stability and performance of Certificate queries. <br><br> Lite Certificates refers to a technique where Censys removes numerous indexed fields from our search index after a certificate has expired, allowing us to significantly shrink the amount of data needed to be stored and queried across. We expect this to increase the responsiveness and speed of Certificate queries, while still maintaining the most common fields used for searches such as names, fingerprints, serial numbers, subject information, and validity. <br><br> For more information, visit our help center article on [Censys Lite Certificates](https://support.censys.io/hc/en-us/articles/4405716032148-Censys-Lite-Certificates).
-
322 days agoAdded New Protocol Scanner: DCERPCA new protocol scanner for DCERPC has been deployed. DCE/RPC is a protocol used for remote procedure calls and is commonly used by Microsoft RPC found on TCP port 135. Censys is currently conducting a one-time prioritized scan of port 135 over the next 48-72 hours to fully populate our dataset with DCERPC services. <br><br> Example Query: [`services.service_name: DCERPC`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&q=services.service_name%3A+DCERPC)
-
325 days agoGeneral Availability of Historical Certificate APIs for All UsersTwo new Historical Certificate APIs are now available to all users. These endpoints allow users to inspect the observations of certificates across our entire collection historical scan data. <br><br> - [Certificate Observation History](https://search.censys.io/api#/certificates%20v2/getCertObservations) - Returns a list of observations containing hosts and their services which ever presented a given certificate fingerprint. <br><br> - [Host Certificate History](https://search.censys.io/api#/hosts/getCertsByHost) - Returns a list of observations containing certificates which were ever presented on a given host. <br><br> History is currently being back-populated for both of these APIs, and results are being populated from the most recent observations to the oldest. Please allow time for the full history to be populated and be made available. A future update will be provided when the process has completed and the full history is made available. <br><br> With this release, the [Hosts by Certificate](https://search.censys.io/api#/certificates%20v2/getHostsByCert) API is now deprecated and is scheduled for removal at a future date. Users should migrate to using the Search endpoint on the Host index using the `services.certificate={fingerprint}` query to find any hosts currently presenting a certificate. <br><br> For more information on getting started using the Search API, visit our [API Documentation](https://search.censys.io/api).
-
331 days agoIncrease Size of Searchable HTTP BodiesQuerying the field `services.http.response.body` will now search over the entire HTTP response body that Censys collects.
-
332 days agoExpose Pending Removal Service StateWhen Censys rescans a known service and the scan is not successful, Censys will maintain the service in its dataset and continue to retry scanning the service. If the service still cannot be successfully scanned after a waiting period it is removed. <br><br> This pending removal state is now exposed to end users through a new field: `services.pending_removal_since` and is set to the timestamp when the service transitioned to the pending removal state. This field is available for search and available on each service in the lookup API. The hosts details page has also been updated to include a pill to highlight when a service is in the pending removal state. <br><br> Example Search query: [`services.pending_removal_since: *`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.pending_removal_since%3A+*)
-
339 days agoAdded parsing of raw ELF binariesSome services return a raw ELF binary, and this was previously detected as `UNKNOWN`. The ELF header is now parsed, and detected as `ELF_FILE`. Search query: [`services.service_name: ELF_FILE`](https://search.censys.io/search?resource=hosts&q=services.service_name%3A+ELF_FILE)
-
344 days agoAdded detection for Apache OFBiz serversSearch query: [`services.software: (vendor: apache and product: ofbiz)`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software%3A+%28vendor%3A+apache+and+product%3A+ofbiz%29)
-
344 days agoAdded detection for FiercePhish, SocialPhish, Fake Coinbase, and Fake PaypalSearch query: [`services.software.product: {FiercePhish, SocialPhish, fake-coinbase, fake-paypal}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BFiercePhish%2C+SocialPhish%2C+fake-coinbase%2C+fake-paypal%7D)
-
344 days agoUpdated detection for EvilGoPhish, Gophish, and Fake USPS.Search query: [`services.software.product: {EvilGoPhish, Gophish, fake-usps}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BEvilGoPhish%2C+Gophish%2C+fake-usps%7D)
-
351 days agoStarted scanning Checkpoint TopologySearch query: [`services.service_name=CHECKPOINT_TOPOLOGY`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.service_name%3DCHECKPOINT_TOPOLOGY)
-
354 days agoAdded detection for Evilginx and EvilGoPhish serversSearch query: [`services.software.product: {Evilginx, EvilGoPhish}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BEvilginx%2C+EvilGoPhish%7D)
-
357 days agoRemoved response body from data-download hostsClients should use the `Location` header to follow 302 redirects
-
359 days agoStarted scanning SOCKSv5Search query: [`services.service_name: SOCKS`](https://search.censys.io/search?resource=hosts&q=services.service_name%3A+SOCKS)
-
360 days agoAdded detection for Asset Reconnaissance Lighthouse (ARL) and Browser Exploitation Framework (BeEF) serversSearch query: [`services.software.product: {asset-reconnaissance-lighthouse, browser-exploitation-framework}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7Basset-reconnaissance-lighthouse%2C+browser-exploitation-framework%7D)
-
360 days agoImproved detection for open directoriesSearch query: [`labels: open-dir`](https://search.censys.io/search?resource=hosts&q=labels%3A+open-dir)
-
360 days agoAdded detection for Fake Chrome Update and USPS Phishing servers
-
366 days agoAdded new solo subscription tier
-
366 days agoStarted scanning SNMPv3
-
367 days agoAdd new documentation for hosts fields
-
371 days agoStarted scanning L2TP UDP port 1701