ScanSearch
On-demand internet scanner. Trigger a live port and service scan of any IP, CIDR or country via REST API and get fresh results in seconds.
Cost / License
- Freemium (Subscription)
- Proprietary
Application types
EUPlatforms
- Online
Features
- Command line interface
- Network Scanner
- Penetration Testing
ScanSearch News & Activities
Recent activities
- blureshot added ScanSearch
- POX updated ScanSearch
blureshot added ScanSearch as alternative to Shodan, Criminal IP, ZoomEye and Censys
ScanSearch information
Developed by
ScanSearch Licensing
Proprietary and Freemium product.Pricing
Subscription ranging between $30 and $3000 per month + free version with limited functionality.Alternatives
10 alternatives listedSupported Languages
- English
- Spanish
- Russian
- Chinese
What is ScanSearch?
ScanSearch is an on-demand internet scanner — different from indexed search engines like Shodan and Censys. Instead of querying a cached snapshot of the internet, you trigger a real, live SYN + service scan of any target you specify, and ScanSearch runs the scan now and returns the results. Why it matters: with Shodan or Censys you get whatever was crawled days or weeks ago. With ScanSearch every result is current at the moment you ask. What you can scan:
Single IPs, CIDRs (any size), or lists of both Whole countries by ISO code Domain lists (resolved server side) Custom CIDR file uploads
What you can collect per scan:
Open ports (SYN scan) — ip:port per host Service identification — name, protocol, banner, product, vendor, version, CPE, confidence TLS / certificate data — version, cipher, issuer, subject, SANs, expiry, SHA-256, JARM and JA3S fingerprints HTTP — title, server header, status, full headers, body hash, favicon hash, redirect chain, robots.txt, security.txt OS detection (vendor + family), SSH fingerprint + HASSH, SMB hostname/domain/OS Reverse DNS, DNS records (MX/NS/TXT, SPF/DMARC/DKIM presence) RDAP / WHOIS — netname, abuse email, org, registration date, allocated CIDR GeoIP — country/city/region, lat/lng, ASN + org, timezone, continent Threat intel — threat type/score, WAF detection, honeypot score, taxonomy tags CVE matching — CVE IDs, count, max CVSS for fingerprinted versions Certificate Transparency — CT-derived domain list per cert Industrial / IoT — MQTT auth mode, Modbus device + unit ID, BACnet device Cloud provider detection Subdomain enumeration (subfinder + crt.sh + DNS resolve) for domain targets Web technology stack (Wappalyzer-style: CMS, frameworks, JS libs, server software)
Free vs paid: free tier is capped at 2 kpps, 1 country per scan, max 5 ports per scan, 3 scans/day, shows the first 1,000 results in the UI and limits downloads to 100 rows — for trying the API. Paid plans unlock 100–10,000 kpps, unlimited targets, full results and full export. Plus 17 free network tools (port scanner, SSL checker, subdomain finder, CVE lookup, ASN lookup, ...) and an official Python SDK + CLI (pip install scansearch). Linear pricing from $30/mo, free tier available, crypto checkout (Coingate) supported — useful for global users whose cards are blocked by Stripe.