NetAskari
netaskari.bsky.social
www.netaskari.online, cyber operations from China, the world and other stuff
I am not 100% sure what I am seeing here, but an informed guess is that this is a DB shared with many diverse users that vary widely, so access control is just not practical or necessary. If anyone has a better idea, let me know.
February 4, 2025 at 4:48 AM
First of all, it would most likely be a breach of their terms and conditions, but also it would be far more economical to just use the API as you or store smaller subsets for analysis. Also, the focus on AWS infra on that scale seems rather out of the ordinary to me.
February 4, 2025 at 4:48 AM
Final thoughts: Storing a massive set like this on a box connected to the open with no access control of the DB seems highly unusual to me. It could be just an oversight, but even for normal researchers there are not many reasons to scrape Censys like this.
February 4, 2025 at 4:48 AM
DB timestamps hint that the DB was set up and filled in April 2024. Most "scan results" are from May 2023, according to the entries in the DB.
February 4, 2025 at 4:48 AM
The reveal: The database has a massive list of info from standard Censys scans stored. All of the scans seem to be aiming at AWS/Cloudfront CDN servers in the US.
February 4, 2025 at 4:48 AM
The server only has SSH port, EA ports and port 7777 open, which is open for TLS business.
February 4, 2025 at 4:48 AM
There also seems to be a Fast Reverse Proxy (FRP) running on the machine, which is interesting. Though not totally uncommon, especially for Chinese servers. The server IP doesn't seem to have any domains attached to it nor is the IP flagged in the most common databases and malicious IP repositories.
February 4, 2025 at 4:48 AM
The setup: A server based in Shanghai with a massive unsecured Elasticsearch database of over 2.3 TB.
February 4, 2025 at 4:48 AM