-
55 days agoReverted the previous change to redacted date fields in HTTP responses. Some values may take time to refresh and return to their previous states.Read more [here](https://status.censys.com/incidents/dsg9rb188qvq).
-
60 days agoFixed an error where redacted date fields in HTTP responses had a spurious space in the redaction notation ("<REDACTED>"). This will affect banner hashes for all impacted HTTP services.
-
67 days agoAdded detection for RLOGIN, NTRIP, PGBOUNCER. Upgraded WS_DISCOVERYNew/Updated protocols include: <br/> - [RLOGIN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRLOGIN) <br/> - [NTRIP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNTRIP) <br/> - [PGBOUNCER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DPGBOUNCER) <br/> - [WS_DISCOVERY](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWS_DISCOVERY) <br/>
-
74 days agoAdded detection for suspicious open directoriesSearch query: [`labels: suspicious-open-dir`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+suspicious-open-dir)
-
83 days agoExpanded detection of Murmur/Mumble serversNew/Updated protocols include: <br/> - [MURMUR Servers (new) ](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services%3A+%28service_name%3A+murmur+and+transport_protocol%3A+tcp%29) <br/> - [MURMUR Tunnels (existing)](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services%3A+%28service_name%3A+murmur+and+transport_protocol%3A+udp%29) <br/>
-
86 days agoAdded detection for CMORE_HMI. Upgraded RTSP + mDNS.New/Updated protocols include: <br/> - [CMORE_HMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCMORE_HMI) <br/> - [RTSP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRTSP) <br/> - [MDNS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMDNS) <br/>
-
115 days agoAdded detection for suspended servers.Search query: [`labels: suspended`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+suspended)
-
121 days agoAdded detection for ser2net, NBD, Weblogic-T3, Spice, ONVIF, and Hikvision.New protocols include: <br/> - [SER2NET](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSER2NET) <br/> - [NBD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNBD) <br/> - [WEBLOGIC_T3](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWEBLOGIC_T3) <br/> - [SPICE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSPICE) <br/> - [ONVIF](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DONVIF) <br/> - [HIKVISION](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHIKVISION) <br/>
-
129 days agoAdded detection for bulletproof hosting providers.Search query: [`labels: bulletproof`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+bulletproof) Learn more about [bulletproof hosting](https://en.wikipedia.org/wiki/Bulletproof_hosting).
-
132 days agoImproved detection for usenet-related services.Search query: [`services.labels: usenet`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A+%60usenet%60)
-
137 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [VENTRILO](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DVENTRILO) <br/>
-
139 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [CHROMECAST](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCHROMECAST) <br/>
-
143 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [HID_VERTX](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHID_VERTX) <br/>
-
144 days agoUpgraded support for 1 new L7 protocolUpgraded protocols include: <br/> - [PORTMAP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DPORTMAP) <br/>
-
145 days agoAdded and upgraded support for 6 new L7 protocolsNew protocols include: <br/> - [TUYA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTUYA) <br/> - [APACHE_JSERV](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAPACHE_JSERV) <br/> - [TIBIA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTIBIA) <br/> - [SCPI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSCPI) <br/> - [DVR_IP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DDVR_IP) <br/> Upgraded protocols include: <br/> - [CWMP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCWMP) <br/>
-
149 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [APPLE_AIRPORT_ADMIN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAPPLE_AIRPORT_ADMIN) <br/>
-
165 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [IBMNJE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIBMNJE) <br/>
-
165 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [STEAM_IHS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSTEAM_IHS) <br/>
-
167 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [TACACS_PLUS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DTACACS_PLUS) <br/>
-
173 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [LSP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DLSP) <br/>
-
177 days agoAdded support for 6 new L7 protocolsNew protocols include: <br/> - [ECHO](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DECHO) <br/> - [JAVA_RMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DJAVA_RMI) <br/> - [CCSO_NAMESERVER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCCSO_NAMESERVER) <br/> - [CISCO_FINGERD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_FINGERD) <br/> - [FINGERD](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DFINGERD) <br/> - [AFP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DAFP) <br/>
-
180 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [DAYTIME](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DDAYTIME) <br/>
-
184 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [HDDTEMP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DHDDTEMP) <br/>
-
188 days agoAdded support for 7 new L7 protocolsNew protocols include: <br/> - [YAHOO_SMART_TV](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DYAHOO_SMART_TV) <br/> - [IRC_BOUNCER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIRC_BOUNCER) <br/> - [SAP_ROUTER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSAP_ROUTER) <br/> - [RIPPLE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRIPPLE) <br/> - [MULTISTREAM_SELECT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMULTISTREAM_SELECT) <br/> - [NNTP](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DNNTP) <br/> - [IOTA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DIOTA) <br/>
-
191 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [CMORE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCMORE) <br/>
-
201 days agoImproved detection for web application firewalls.Search query: [services.labels="web-application-firewall"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=labels%3D%60web-application-firewall%60)
-
209 days agoAdded support for 5 new L7 protocolsNew protocols include: <br/> - [CISCO_IPSLA](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_IPSLA) <br/> - [CRESTRON_CP3](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCRESTRON_CP3) <br/> - [RCON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRCON) <br/> - [VOTIFIER](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DVOTIFIER) <br/> - [WHOIS](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWHOIS) <br/>
-
213 days agoAdded support for 1 new L7 protocolNew protocols include: <br/> - [7 DAYS TO DIE](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DSEVEN_DAYS_TO_DIE) <br/>
-
214 days agoAdded support for 2 new L7 protocolsNew protocols include: <br/> - [MINECRAFT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DMINECRAFT) <br/> - [RIFATRON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DRIFATRON) <br/>
-
214 days agoAdded support for 5 new L7 protocolsNew protocols include: <br/> - [REDLION_CRIMSON](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DREDLION_CRIMSON) <br/> - [REALPORT](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DREALPORT) <br/> - [GEARMAN](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DGEARMAN) <br/> - [WINRM](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DWINRM) <br/> - [CISCO_SMI](https://search.censys.io/search?resource=hosts&per_page=25&q=services.service_name%3DCISCO_SMI) <br/>
-
215 days agoAdded whois.network.(allocation_type|created|updated) fieldsSearch query: [whois.network.allocation_type: "REALLOCATION"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=whois.network.allocation_type%3A+%22REALLOCATION%22)
-
219 days agoImproved detection for gaming-related services.Search query: [services.labels="gaming"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.labels%3D%22gaming%22)
-
222 days agoStarted scanning iSCSI (Internet Small Computer Systems Interface)Search query: [services.service_name="ISCSI"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3D%22ISCSI%22)
-
235 days agoStarted scanning for CIMON Programmable Logic Controllers (PLCs)Search query: [services.service_name="CIMON_PLC"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3D%22CIMON_PLC%22)
-
243 days agoStarted scanning for multiple TLS versions on servicesSearch query: [services.tls.versions.tls_version="SSLv3"](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.tls.versions.tls_version%3D%22SSLv3%22)
-
243 days agoAdded whois.network.cidrs fieldSearch query: [whois.network.cidrs: 1.0.0.0/24](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=whois.network.cidrs%3A+1.0.0.0%2F24)
-
243 days agoAdded JA4S and JA4X fingerprints for scans and certificates respectivelySearch query: [services.tls.ja4s: *](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.tls.ja4s%3A+*), [parsed.ja4x: *](https://search.censys.io/search?resource=certificates&q=parsed.ja4x%3A+*)
-
256 days agoStarted scanning Fortinet FcmDaemon on TCP/8013Search query: [`services.service_name:FORTINET_FCM`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.service_name%3AFORTINET_FCM)
-
271 days agoImproved Software Field Rendering in UIThe software field in the UI now renders the software name and version in a more human-readable format.
-
289 days agoReleased IP Whois data enrichmentThe new `whois` field available in Search and BigQuery can be used to search on IP Whois data.
-
305 days agoImproved detection for internet-connected printersSearch query: [`services.labels: printer`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A%22printer%22)
-
311 days agoAdded Shodan-compatible favicon hash fieldAdded a new `services.http.response.favicons.shodan_hash` field, which contains a hash that is built and formatted in the same way as Shodan's favicon hashes. This allows executing queries built for Shodan against the Censys dataset. To use the field, replace Shodan's `http.favicon.hash` field with Censys' [`services.http.response.favicons.shodan_hash: *`](https://search.censys.io/search/language?resource=hosts&q=services.http.response.favicons.shodan_hash%3A+*&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE) field. Values for the field will be filled in over the next few days, so results will be only partially-complete at first.
-
311 days agoAdded http favicons hashes fieldAdded a new `services.http.response.favicons.hashes` field, which includes multiple hash formats. The old `md5_hash` field still remains in place.
-
312 days agoImproved detection for internet-connected medical devicesSearch query: [`services.labels: medical-device`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.labels%3A+%60medical-device%60)
-
319 days agoLaunch of Lite Certificates and Improved Certificate PerformanceCensys has re-enabled the Lite Certificates functionality of our Certificates Dataset to improve the stability and performance of Certificate queries. <br><br> Lite Certificates refers to a technique where Censys removes numerous indexed fields from our search index after a certificate has expired, allowing us to significantly shrink the amount of data needed to be stored and queried across. We expect this to increase the responsiveness and speed of Certificate queries, while still maintaining the most common fields used for searches such as names, fingerprints, serial numbers, subject information, and validity. <br><br> For more information, visit our help center article on [Censys Lite Certificates](https://support.censys.io/hc/en-us/articles/4405716032148-Censys-Lite-Certificates).
-
324 days agoAdded New Protocol Scanner: DCERPCA new protocol scanner for DCERPC has been deployed. DCE/RPC is a protocol used for remote procedure calls and is commonly used by Microsoft RPC found on TCP port 135. Censys is currently conducting a one-time prioritized scan of port 135 over the next 48-72 hours to fully populate our dataset with DCERPC services. <br><br> Example Query: [`services.service_name: DCERPC`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&q=services.service_name%3A+DCERPC)
-
327 days agoGeneral Availability of Historical Certificate APIs for All UsersTwo new Historical Certificate APIs are now available to all users. These endpoints allow users to inspect the observations of certificates across our entire collection historical scan data. <br><br> - [Certificate Observation History](https://search.censys.io/api#/certificates%20v2/getCertObservations) - Returns a list of observations containing hosts and their services which ever presented a given certificate fingerprint. <br><br> - [Host Certificate History](https://search.censys.io/api#/hosts/getCertsByHost) - Returns a list of observations containing certificates which were ever presented on a given host. <br><br> History is currently being back-populated for both of these APIs, and results are being populated from the most recent observations to the oldest. Please allow time for the full history to be populated and be made available. A future update will be provided when the process has completed and the full history is made available. <br><br> With this release, the [Hosts by Certificate](https://search.censys.io/api#/certificates%20v2/getHostsByCert) API is now deprecated and is scheduled for removal at a future date. Users should migrate to using the Search endpoint on the Host index using the `services.certificate={fingerprint}` query to find any hosts currently presenting a certificate. <br><br> For more information on getting started using the Search API, visit our [API Documentation](https://search.censys.io/api).
-
333 days agoIncrease Size of Searchable HTTP BodiesQuerying the field `services.http.response.body` will now search over the entire HTTP response body that Censys collects.
-
334 days agoExpose Pending Removal Service StateWhen Censys rescans a known service and the scan is not successful, Censys will maintain the service in its dataset and continue to retry scanning the service. If the service still cannot be successfully scanned after a waiting period it is removed. <br><br> This pending removal state is now exposed to end users through a new field: `services.pending_removal_since` and is set to the timestamp when the service transitioned to the pending removal state. This field is available for search and available on each service in the lookup API. The hosts details page has also been updated to include a pill to highlight when a service is in the pending removal state. <br><br> Example Search query: [`services.pending_removal_since: *`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.pending_removal_since%3A+*)
-
341 days agoAdded parsing of raw ELF binariesSome services return a raw ELF binary, and this was previously detected as `UNKNOWN`. The ELF header is now parsed, and detected as `ELF_FILE`. Search query: [`services.service_name: ELF_FILE`](https://search.censys.io/search?resource=hosts&q=services.service_name%3A+ELF_FILE)
-
346 days agoAdded detection for Apache OFBiz serversSearch query: [`services.software: (vendor: apache and product: ofbiz)`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software%3A+%28vendor%3A+apache+and+product%3A+ofbiz%29)
-
346 days agoAdded detection for FiercePhish, SocialPhish, Fake Coinbase, and Fake PaypalSearch query: [`services.software.product: {FiercePhish, SocialPhish, fake-coinbase, fake-paypal}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BFiercePhish%2C+SocialPhish%2C+fake-coinbase%2C+fake-paypal%7D)
-
346 days agoUpdated detection for EvilGoPhish, Gophish, and Fake USPS.Search query: [`services.software.product: {EvilGoPhish, Gophish, fake-usps}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BEvilGoPhish%2C+Gophish%2C+fake-usps%7D)
-
353 days agoStarted scanning Checkpoint TopologySearch query: [`services.service_name=CHECKPOINT_TOPOLOGY`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.service_name%3DCHECKPOINT_TOPOLOGY)
-
356 days agoAdded detection for Evilginx and EvilGoPhish serversSearch query: [`services.software.product: {Evilginx, EvilGoPhish}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7BEvilginx%2C+EvilGoPhish%7D)
-
359 days agoRemoved response body from data-download hostsClients should use the `Location` header to follow 302 redirects
-
361 days agoStarted scanning SOCKSv5Search query: [`services.service_name: SOCKS`](https://search.censys.io/search?resource=hosts&q=services.service_name%3A+SOCKS)
-
362 days agoAdded detection for Asset Reconnaissance Lighthouse (ARL) and Browser Exploitation Framework (BeEF) serversSearch query: [`services.software.product: {asset-reconnaissance-lighthouse, browser-exploitation-framework}`](https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=services.software.product%3A+%7Basset-reconnaissance-lighthouse%2C+browser-exploitation-framework%7D)
-
362 days agoImproved detection for open directoriesSearch query: [`labels: open-dir`](https://search.censys.io/search?resource=hosts&q=labels%3A+open-dir)
-
362 days agoAdded detection for Fake Chrome Update and USPS Phishing servers
-
368 days agoAdded new solo subscription tier
-
368 days agoStarted scanning SNMPv3
-
369 days agoAdd new documentation for hosts fields
-
373 days agoStarted scanning L2TP UDP port 1701