Shodan Search

The following search filters are available:

Network

• port - filter results on a specified port
• net - filter results on a specified IP or CIDR range
• hostname - filter results based on a specified hostname

Location

• city - filter results residing in a specified  city
• country - filter results residing in a specified country code
• geo - filter results in a specified geo coordinates

HTTP/Web

• http.component - filter results based on specified HTTP technology being used
• http.html - filter results based on a the specified text appearing the the HTTP response text
• http.status - filter results based on the specified HTTP status code
• http.title - filter results based one the specified title in the HTML page

General

• org - filter results belonging to a specified organisation
• title - filter results with the specified value within the title
• os - filter results on a specified operating system
• before/after - filter results within a specified time frame
• hash - filter results on a specified hash value
• has_screenshot - filter results that either have or don’t have a screenshot
• product - filter results based on the specified product
• version - filter results based on the specified version number

Examples

Identify systems belonging to Google:

org:"Google"

Identify systems belonging to Google that are located in London:

org:"Google" city:"London"

Identify systems belonging to Google that are located in the UK:

org:"Google" country:"GB"

Identify all NGinx servers belonging to Google in the UK:

nginx org:"Google" country:"GB"

Shodan Domain Records

Use the following URL to perform a domain search using Shodan:

<https://www.shodan.io/domain/><domain>

Where <domain> is the domain to search for.

For example to search for google.com:

<https://www.shodan.io/domain/google.com>