Skip to content

API reference

Quick start

bash
# Health check
curl http://localhost:8090/health

# Seed a domain for intelligence enrichment
curl -X POST http://localhost:8090/domains \
  -H "Content-Type: application/json" \
  -d '{"domains": ["example.com"], "collectors": ["ct", "rdap", "dns"]}'

# Query intelligence
curl http://localhost:8090/domains/example.com
curl http://localhost:8090/domains/example.com/subdomains
curl http://localhost:8090/domains/example.com/pivots

# Start a discovery campaign
curl -X POST http://localhost:8090/campaigns \
  -H "Content-Type: application/json" \
  -d '{
    "seeds": ["example.com"],
    "collectors": ["dns", "http", "tls", "ct", "rdap"],
    "limits": { "max_depth": 2, "max_entities": 5000 }
  }'

Endpoints

Health

MethodPathDescription
GET/healthLiveness check
GET/metricsOperational metrics (JSON)
GET/metrics/prometheusPrometheus exposition format

Domain intelligence

MethodPathDescription
POST/domainsSeed domains and queue enrichment
GET/domains/{domain}Domain record + graph edges
GET/domains/{domain}/subdomainsSubdomains from CT store
GET/domains/{domain}/certificatesCertificates covering the domain
GET/domains/{domain}/rdapLatest RDAP record
GET/domains/{domain}/dnsCached DNS records
GET/domains/{domain}/pivotsPivot summary for the domain
POST/domains/{domain}/enrichRe-queue enrichment for one domain

Pivots

MethodPathDescription
GET/pivots/nameserver/{ns}Domains using a nameserver
GET/pivots/registrar/{registrar}Domains with matching registrar
GET/pivots/certificate/{fingerprint}Domains on a certificate
GET/pivots/mx/{mx}Domains using an MX host
GET/pivots/favicon/{hash}Domains sharing a favicon hash
GET/pivots/entity/{handle}Domains linked to an RDAP entity handle
GET/pivots/tracker/{id}Domains sharing an analytics/tracker ID

CT ingestor

MethodPathDescription
GET/ct/configCurrent ingestor configuration
PUT/ct/configUpdate ingestor configuration
POST/ct/backfillEnable TLD-targeted backfill
GET/ct/statusLog progress and store counts

Campaigns

MethodPathDescription
GET/campaignsList campaigns (?status=running)
POST/campaignsStart a discovery campaign
GET/campaigns/{id}Campaign status + expansion suggestions
GET/campaigns/{id}/progressJob and entity counts
GET/campaigns/{id}/eventsNDJSON event stream
GET/campaigns/{id}/entitiesDiscovered entities
GET/campaigns/{id}/edgesRelationship edges
GET/campaigns/{id}/reportCompiled campaign report
POST/campaigns/{id}/expandApprove expansion entities

Seed domains

POST /domains

json
{
  "domains": ["example.com", "example.org"],
  "collectors": ["ct", "rdap", "dns", "http", "tls"]
}
FieldRequiredDescription
domainsyesRegistrable domain names
collectorsnoDefaults to dns, http, tls, ct; rdap is added if omitted

Response 202 Accepted

json
{
  "domains": [
    { "domain": "example.com", "domain_id": "dom_...", "status": "queued" }
  ],
  "jobs_queued": 1,
  "collectors": ["dns", "http", "tls", "ct", "rdap"]
}

Create campaign

POST /campaigns

json
{
  "seeds": ["example.com", "203.0.113.10"],
  "collectors": ["dns", "http", "tls", "ct", "rdap"],
  "depth": 2,
  "limits": {
    "max_depth": 2,
    "max_entities": 5000
  }
}
FieldRequiredDescription
seedsyesDomains, subdomains, IPs, URLs, or emails
collectorsnoDefault: dns, http, tls, ct
depthnoLegacy alias for limits.max_depth
limits.max_depthnoDefault 2
limits.max_entitiesnoDefault 5000

Discoveries beyond seeds require explicit approval via POST /campaigns/{id}/expand.

Campaign status filter

GET /campaigns?status=running

Accepts canonical statuses and aliases:

AliasExpands to
activequeued, running, expanding, waiting_for_rate_limit
donecompleted, completed_with_errors, cancelled
failedcompleted_with_errors

CT backfill

POST /ct/backfill

json
{
  "target_tlds": ["com", "io", "co.uk", "net", "org"],
  "include_readonly": true,
  "batches_per_cycle": 30,
  "batch_size": 512
}

Sets backfill_mode: true and updates ingestor_config in Postgres. The ct-ingestor service reads this on each poll cycle.

GuideDescription
ArchitectureComponents and flows
Data modelTables and relationships
PivotsPivot semantics and limitations
OperationsEnvironment variables

Native tools, weird experiments, and practical performance work.