Parameter | Description |
---|---|
Facets | A comma-separated list of properties to get summary information on. Property names can also be in the format of “property:count”, where “count” is the number of facets that will be returned for a property (i.e. “country:100” to get the top 100 countries for a search query). Visit the Shodan website’s Facet Analysis page for an up-to-date list of available facets: |
Page | The page number to page through results 100 at a time (default: 1). |
Query | Shodan search query. The provided string is used to search the database of banners in Shodan, with the additional option to provide filters inside the search query using a “filter:value” format. For example, the following search query would find Apache Web servers located in Germany: “apache country:DE”. |
{
"facets": {
"country": [
{
"count": 7883733,
"value": "US"
},
{
"count": 2964965,
"value": "CN"
},
{
"count": 1945369,
"value": "DE"
},
{
"count": 1717359,
"value": "HK"
},
{
"count": 940900,
"value": "FR"
}
]
},
"matches": [
{
"_shodan": {
"crawler": "c9b639b99e5410a46f656e1508a68f1e6e5d6f99",
"id": "534cc127-e734-44bc-be88-2e219a56a099",
"module": "auto",
"options": {},
"ptr": true
},
"asn": "AS7922",
"cpe": [
"cpe:/a:igor_sysoev:nginx"
],
"data": "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Mon, 25 Jan 2021 21:33:48 GMT\r\nContent-Type: text/html\r\nContent-Length: 650\r\nConnection: close\r\n\r\n",
"domains": [
"webapplify.net"
],
"hash": -1609083510,
"hostnames": [
"three.webapplify.net"
],
"http": {
"components": {},
"host": "96.93.212.27",
"html": "\r\n400 The plain HTTP request was sent to HTTPS port\r\n\r\n400 Bad Request\r\nThe plain HTTP request was sent to HTTPS port\r\nnginx\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n",
"html_hash": 199333125,
"location": "/",
"redirects": [],
"robots": null,
"robots_hash": null,
"securitytxt": null,
"securitytxt_hash": null,
"server": "nginx",
"sitemap": null,
"sitemap_hash": null,
"title": "400 The plain HTTP request was sent to HTTPS port"
},
"ip": 1616761883,
"ip_str": "96.93.212.27",
"isp": "Comcast Business",
"location": {
"area_code": null,
"city": "Denver",
"country_code": "US",
"country_code3": null,
"country_name": "United States",
"dma_code": 751,
"latitude": 39.7301,
"longitude": -104.9078,
"postal_code": null,
"region_code": "CO"
},
"org": "Comcast Business",
"os": null,
"port": 443,
"product": "nginx",
"timestamp": "2021-01-25T21:33:49.154513",
"transport": "tcp"
},
{
"_shodan": {
"crawler": "c9b639b99e5410a46f656e1508a68f1e6e5d6f99",
"id": "118b7360-01d0-4edb-8ee9-01e411c23e60",
"module": "auto",
"options": {},
"ptr": true
},
"asn": "AS49189",
"cpe": [
"cpe:/a:igor_sysoev:nginx:1.4.2"
],
"data": "HTTP/1.1 410 Gone\r\nServer: nginx/1.4.2\r\nDate: Mon, 25 Jan 2021 21:33:50 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 295\r\nConnection: keep-alive\r\n\r\n",
"domains": [
"kolobok.us"
],
"hash": 1940048442,
"hostnames": [
"kolobok.us"
],
"http": {
"components": {},
"host": "185.11.246.51",
"html": "\n\n410 Gone\n\nGone\nThe requested resource/\nis no longer available on this server and there is no forwarding address.\nPlease remove all references to this resource.\n\n",
"html_hash": 922034037,
"location": "/",
"redirects": [],
"robots": null,
"robots_hash": null,
"securitytxt": null,
"securitytxt_hash": null,
"server": "nginx/1.4.2",
"sitemap": null,
"sitemap_hash": null,
"title": "410 Gone"
},
"ip": 3104568883,
"ip_str": "185.11.246.51",
"isp": "RuWeb",
"location": {
"area_code": null,
"city": null,
"country_code": "RU",
"country_code3": null,
"country_name": "Russia",
"dma_code": null,
"latitude": 55.7386,
"longitude": 37.6068,
"postal_code": null,
"region_code": null
},
"org": "RuWeb",
"os": null,
"port": 80,
"product": "nginx",
"timestamp": "2021-01-25T21:33:51.172037",
"transport": "tcp",
"version": "1.4.2"
}
],
"total": 23047224
}
Was this page helpful?