Last week, we added new parsed redirect data fields to the Censys Platform. You can use them to map relationships, identify misconfigurations, find parked domains, locate abandoned infrastructure, and more.
The fields are contained in a redirect_chain subobject on host service endpoints and web properties and are broken down as shown in the table below. All Starter and above users can see these fields and all Core and Enterprise users can search across them.
| Field | Description |
|---|---|
[host.services or web].endpoints.http.redirect_chain.reason | The reason for the redirect. Can be HTTP_3XX, REFRESH_HEADER, or UNRECOGNIZED. |
*.endpoints.http.redirect_chain.transport_protocol | The transport protocol used for the redirect. |
*.endpoints.http.redirect_chain.hostname | The hostname that the redirect points to. |
*.endpoints.http.redirect_chain.path | The path that the redirect points to, like /, /login, /admin, and so on. |
*.endpoints.http.redirect_chain.port | The port that the redirect points to. |
A fairly innocuous example of how to use this data is to search for a specific hostname that a redirect points to, like:
web.endpoints.http.redirect_chain.hostname= "censys.com"
And then run a report to breakdown the paths for redirects to that hostname, like this. Give it a try today and let us know what you find!