AXFR Check

API Information

>_ Who we are?

We are a small R&D group, and our goal is to make the web a better, and more secure place. With this project, we would like to call everyone's attention, how easy to take advantage of missconfigured DNS.

>_ What are the risks?

About DNS Zone Transfer AXFR Requests May Leak Domain Information: https://www.us-cert.gov/ncas/alerts/TA15-103A

>_ API calls


Base URL

http://api.axfrcheck.com/api

GET

  • Check by domain name of provider
  • /provider/DOMAINNAME

  • Check by DNS server name
  • /dns/DNSSERVERNAME

  • Check by website domain name
  • /domain/DOMAINNAME

  • Number of affected DNS servers
  • /dns/count

  • Online AXFR check
  • /check/DOMAINNAME


    Removal Requests: hello@axfrcheck.com

    Api Limit (requests): "240 per day", "60 per hour"

    >_ Example

    Search for domain:

    /domain/openssl.org

    					
    {
    	"data": {
    		"created_at": "Tue, 24 May 2016 12:17:42 GMT",
    		"domain": {
    		"affected_dns": [
    			"primary.lp.se"
    		],
    		"affected_domain": [
    			"openssl.org"
    		],
    		"whois": {
    			"city": null,
    			"country": null
    		}
    		}
    	},
    	"removal_requests": "hello@axfrcheck.com",
    	"status": "ok"
    }
    					
    				

    Search for DNS:

    /dns/primary.lp.se

    					
    {
    	"data": {
    		"created_at": "Tue, 24 May 2016 12:17:42 GMT",
    		"domain": {
    		"affected_dns": [
    			"primary.lp.se"
    		],
    		"affected_domain": [
    			"openssl.org"
    		],
    		"whois": {
    			"city": null,
    			"country": null
    		}
    		}
    	},
    	"removal_requests": "hello@axfrcheck.com",
    	"status": "ok"
    }
    					
    				

    Search for DNS Provider:

    /provider/lp.se

    					
    {
    	"data": {
    		"created_at": "Tue, 24 May 2016 12:17:42 GMT",
    		"domain": {
    		"affected_dns": [
    			"primary.lp.se"
    		],
    		"affected_domain": [
    			"openssl.org"
    		],
    		"whois": {
    			"city": null,
    			"country": null
    		}
    		}
    	},
    	"removal_requests": "hello@axfrcheck.com",
    	"status": "ok"
    }
    					
    				

    Online AXFR check:

    /check/axfr/openssl.org

    
    {
      "data": {
        "affected_dns_count": [
          "primary.lp.se"
        ]
      },
      "status": "ok"
    }
    				

    Online SSL Vuln check:

    /check/ssl/openssl.org

    
    {
      "data": [
        {
          "ssl_vulnerabilities": [
            {
              "heartbleed": "False"
            },
            {
              "ccs": "False"
            }
          ]
        }
      ],
      "status": "ok"
    }
    				

    Record search:

    /record/phpmyadmin

    {
      "count": 3316,
      "data": [
        "http://api.axfrcheck.com/api/domain/bilecikemirhaliyikama.com/records",
        "http://api.axfrcheck.com/api/domain/netonbir.com/records",
        "http://api.axfrcheck.com/api/domain/fml.ro/records",
        "http://api.axfrcheck.com/api/domain/bluenet.pl/records",
        "http://api.axfrcheck.com/api/domain/imdrunk.ru/records",
    ....
    ....
    ....
      ],
      "search_string": "^phpmyadmin",
      "status": "ok"
    }	
    				

    >_ Database size

  • 197082772 domains
  • 197082772 processed domains
  • 4977991 affected domains
  • 208257 affected providers
  • (2016.08.08.)

    >_ Contacts

    For further information, please contact Mail.


    Copyright © created by Abo