Documentation
Start typing to search…

Domains

The Domains page shows all of the Domain Name System (DNS) domains associated with your organization. These domains come from seed data you provided, observations made during Censys Internet scans, DNS analysis, and certificate transparency logs. You see domains unique to your business, as well as shared domains, such as cloud services, where you have services running.

This page can help you explore your online presence, identify unfamiliar assets, and identify vulnerabilities in your network.

Domains list

Go to the ASM web console and click Inventory > Domains. In the table, you see a catalog of all your domains.

Other columns in the view of the table include:

  • Risks: Indicates security concerns associated with the domain, such as misconfigurations, expired certificates, or vulnerabilities that attackers could exploit.
  • Registrar: The registrar or reseller with which the domain name was registered.
  • Name Servers: The DNS servers responsible for resolving domain names to IP addresses, which help direct internet traffic to the correct destinations.
  • Mail Servers: The email servers handling messages for the domain, which can provide insight into an organization’s email infrastructure and potential security risks.

Column selection

Click the above the table to open additional columns with more information about your domains. Select or clear the columns to create your view.

Additional column options include:

  • Cloud: The name of the Cloud Service Provider whose name servers are authoritative for this domain, if applicable.
  • Expiration Date: The date when the domain name registration expires and is released into the available domain pool.
  • Tags: Any tags applied to this asset.

Sort columns

The default sorting for the table is ascending (A-Z) for the Asset ID column. Use the arrows on the other columns to sort the table by those.

Download domain inventory

You can export the domain inventory as a comma-separated value (CSV) file for use in other products and workflows.

Click Actions > Download CSV. The default filename is {timestamp}_{customerName}_DomainsExport.csv. The columns in the CSV file reflect the columns shown in the table when exported.

Search shortcuts

The Search shortcuts panel helps you quickly filter and refine search results based on key attributes. You can filter domains by Association Date to see newly added assets, by Source to identify how they were discovered (e.g., cloud connectors or Censys scans), and by Account ID to group assets by associated accounts. Clicking a value automatically applies it as a filter, enabling efficient query building and streamlined asset analysis.

Domain details

Each domain in the table on the list page links to a domain detail page with additional information about the hostnames, subdomains, and certificates.

From here, you can also view the Censys Search app’s page for this domain to see even more information.

Overview

In the header of the page, general information about the domain includes:

  • Company Name: The name of the company that registered the domain.
  • Abuse Email: The email address to contact if you suspect abuse of this domain.
  • Registrar: The name of the registrar or reseller with whom the domain was registered.
  • Creation Date: The date that the domain was registered.
  • Expiration Date: The date when the domain name registration expires, at which time it becomes available for others to purchase. If you plan to continue using this domain beyond the duration shown, renew before the expiration date.
  • Name Servers: The service responsible for doing the DNS lookup, as obtained from the DNS record for the domain name. Usually, there are two or more for redundancy.
  • Mail Exchange Servers: The servers that receive mail for mailboxes in the domain, as obtained from the MX records for the domain name. This section is not present if no mail servers are set up for the domain.

Domain Information

Recent domain activity

The first card on the page shows recent activity related to this domain, taken from the logbook. Activity includes events such as new subdomains, registrar and expiration date changes, and name server and mail server changes.

Clicking View All at the bottom expands the card, allowing you to view all events related to this host after Censys added it to your organization.

If you want to filter the events further, excluding or including only certain types, click Go to Logbook in the upper right corner of the card. This will take you to the Logbook page, where you can select those refinement options.

The Logbook page shows the domain filter already set for the selected domain.

Discovery Path

The next card shows a list of assets whose connections to this domain were used to determine with confidence that it belongs to your organization.

After investigating, if you decide that you do not want Censys to track this domain for you, you can click Remove on the right side of the page.

This action removes the asset and adds it to an excluded asset list so that it will not reappear in subsequent Censys attributions.

Subdomains

The paginated table at the bottom of the page shows all of the subdomains of the parent whose page you’re on.

Columns in this table include:

  • Subdomain: The subdomain of the domain name at the top of the page.
  • IP Address: All of the hosts that this subdomain resolves to via DNS records.
  • Ports: All of the unique port numbers open across all of the hosts that the name resolves to.

Note that if the domain name whose page you’re on is also a name that resolves to a host, it is represented as a subdomain.

  • To see more information about a subdomain, click the linked name in the first column of the table.

  • To see more information about one of the hosts connected to a subdomain, click the linked IP address.

Subdomain details

The subdomain details page is similar in layout to its parent domain page, with an overview card about its parent domain, a Discovery Path card showing the asset path that led to the inclusion of the subdomain in your attack surface, and recent logbook activity pertaining to the subdomain.

Subdomain information

The Subdomain information card has two tabs that provide connections to other assets in your attack surface related to this subdomain: hosts and certificates.

Hosts table

The table on the Hosts tab contains a row for each of the services running on each of the hosts that this subdomain resolves to via DNS records.

Columns in this table include:

  • Host: All of the hosts that this subdomain resolves to via DNS records.
  • Port: The port number open on this host, represented with the underlying transport protocol (TCP or UDP) used to interact with the service running there.
  • Protocol: The application-layer protocol detected on the open port.
  • Software: Any software packages and versions detected during scan.
  • Banner Data: Content returned by the service during scan.

Certificates table

The table on the Certificates tab contains a row for each of the X.509 certificates containing the subdomain in a names section.

Columns in this table include:

  • Common Name: The common name (if applicable) of the certificate. The SHA-256 fingerprint is shown below.
  • Safety Assessment: A Censys assessment of any risks with the certificate.
  • Ownership: The ownership of the certificate, whether it is yours or a suspected third party’s (read as Unknown).
  • In Use: Whether or not the certificate is being used to verify a service’s identity.

Updated 18 days ago