API Reference
Start typing to search…

Get host history for a certificate

get
https://api.platform.censys.io/v3/threat-hunting/certificate//observations/hosts

Retrieve the historical observations of hosts associated with a certificate. This is useful for threat hunting, detection engineering, and timeline generation. Certificate history is also visible to Adversary Investigation users in the Platform UI on the certificate timeline.

You can define a specific time frame of interest. If you do not specify a time frame, this endpoint will search the historical dataset that is available to your account. You may also filter results by port and transport protocol.

This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 5 credits per page of results.

Path Params
string
required

SHA-256 hash of the certificate

Query Params
uuid
required

The ID of a Censys organization to associate the request with. See the Getting Started docs for more information.

string

Only show ranges ending at or after this time (ISO 8601)

string

Only show ranges starting at or before this time (ISO 8601)

int32

The port to filter by

string

The transport protocol to filter by

string

Pagination token from previous response to retrieve next page of results

int32

Number of results per page. Maximum 100, defaults to 100 if not specified

Headers
uuid

The ID of a Censys organization to associate the request with. See the Getting Started docs for more information. Note: The header parameter is supported for atypical use cases; we recommend always providing this field via the query parameter.

string
enum
Defaults to application/json

Generated from available response content types

Allowed:
Responses

Updated 6 days ago

Language
Credentials
Bearer
Response 
Click Try It! to start a request and see the response here! Or choose an example:
application/json
application/problem+json
Updated 6 days ago