dns.A ==
"1.2.3.4"Match a specific A record
final_headers.server contains "nginx"Find nginx servers
final_headers.x-powered-by existsExpose the tech stack
final_headers.cf-ray existsRunning behind Cloudflare
dns.TXT contains
"v=spf1"Has SPF record
dns.MX.exchange contains "google"Uses Google mail
whois.registrar contains "namecheap"Registered at Namecheap
root_files.sha1 == "da39a…"Match a
specific file hash (SHA1)
root_files.minhash == "…"Find files
with matching MinHash (content similarity)
root_files.minhash_bands contains "…"LSH band
match for similar files
root_files.path == "/gate.php"Phishing kit
submission gate
/.env found (200)Exposed env
config
screenshot_phash == "…"Find visually similar
screenshots (pHash)
certs.san ~=
"^login\."Certs with login.* SAN (regex)
bgp.asn.asn ==
"AS12345"Match specific ASN
bgp.asn.asn_cidr contains "43.160"IP in CIDR range
bgp.he_dns_records.Hostname contains "google"HE
DNS records hostname match
bgp.he_search_results.Description contains
"cloud"HE search result match
status==200 AND server contains
nginxActive nginx site
NOT screenshot exists AND status==200200 but no
screenshot taken