This document describes the HTTP endpoints exposed by the Flask application. All examples assume the server is running locally on http://localhost:5000 and the base_url variable used by the Postman collection refers to that address.

The complete route map can also be browsed via the built-in Swagger UI at /swagger. The underlying OpenAPI document is served as /static/openapi.yaml.

• POST endpoints expect form data unless otherwise indicated.
• JSON responses are returned only from a few routes as noted.
• Successful POST requests typically redirect back to / with a flash message.

Render the main search page.

curl http://localhost:5000/

Optional query parameter q accepts plain text or expressions using the url:, timestamp:, http: and mime: operators combined with Boolean keywords (AND, OR, NOT).

Example:

curl -G --data-urlencode "q=url:example.com AND http:200" http://localhost:5000/

Fetch Wayback Machine CDX records for a domain and insert any new URLs into the loaded database.

Parameters:

• domain – domain name to query.

Example:

curl -X POST -d "domain=example.com" http://localhost:5000/fetch_cdx

Import URLs from a JSON file. The route is accessible via both /import_file and /import_json.

Parameters:

• import_file or json_file – JSON array or newline-delimited records.

Example:

curl -X POST -F "[email protected]" http://localhost:5000/import_file

Return JSON describing the current import status.

Example:

curl http://localhost:5000/import_progress

Response:

{"status": "done", "progress": 10, "total": 10, "detail": "Imported 10 records."}

Add a tag to a single URL entry.

Parameters:

• entry_id – ID of the entry.
• new_tag – tag text to add.

Example:

curl -X POST -d "entry_id=1" -d "new_tag=important" http://localhost:5000/add_tag

Apply a tag, remove a tag or delete many entries at once.

Parameters:

• action – add_tag, remove_tag or delete.
• tag – tag name used with add/remove actions.
• selected_ids – repeated form field of entry IDs.
• select_all_matching – when set to true, apply to all search results.

Example (add tag to two IDs):

curl -X POST \
  -F "action=add_tag" -F "tag=archive" \
  -F "selected_ids=3" -F "selected_ids=4" \
  http://localhost:5000/bulk_action

Persist the chosen theme in the user session.

Parameter:

• theme – CSS filename from static/themes/.

curl -X POST -d "theme=nostalgia.css" http://localhost:5000/set_theme

Persist the selected background image.

Parameter:

• background – image filename from static/img/.

curl -X POST -d "background=stars.jpg" http://localhost:5000/set_background

Update the UI panel opacity stored in the session.

Parameter:

• opacity – float between 0.1 and 1.0.

curl -X POST -d "opacity=0.5" http://localhost:5000/set_panel_opacity

Adjust the base font size in the active theme.

Parameters:

• size – integer between 10 and 18.
• theme – CSS theme filename (optional if already set).

curl -X POST -d "theme=nostalgia.css" -d "size=16" \
  http://localhost:5000/set_font_size

Return the list of saved tag searches.

curl http://localhost:5000/saved_tags

Add a new tag query to the saved list.

Parameter:

• tag – search expression to store.

curl -X POST -d "tag=#foo AND #bar" http://localhost:5000/saved_tags

Remove a saved tag search.

Parameter:

• tag – query string to delete.

curl -X POST -d "tag=#foo AND #bar" http://localhost:5000/delete_saved_tag

Download sources referenced in a Webpack .js.map file as a ZIP archive.

Parameter:

• map_url – URL of the .js.map file.

curl -X POST -d "map_url=https://host/app.js.map" http://localhost:5000/tools/webpack-zip -o sources.zip

Serve the Text Tools overlay used for encoding and decoding text.

curl http://localhost:5000/text_tools

Decode Base64 text sent in the text field. Returns plain text.

curl -X POST -d "text=SGVsbG8h" http://localhost:5000/tools/base64_decode

Encode posted text as Base64.

curl -X POST -d "text=Hello" http://localhost:5000/tools/base64_encode

Convert percent-encoded strings back to their ASCII form.

curl -X POST -d "text=This%20is%20fine%21" http://localhost:5000/tools/url_decode

Percent-encode a string so it is safe for use in URLs.

curl -X POST -d "text=This is fine!" http://localhost:5000/tools/url_encode

Serve the JWT Tools overlay used for decoding and encoding JWTs.

curl http://localhost:5000/jwt_tools

Decode a JWT sent in the token field. Returns JSON containing the header, payload and additional fields: exp_readable, expired, alg_warning and key_warning.

curl -X POST -d "token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  http://localhost:5000/tools/jwt_decode

Encode a JSON payload into a JWT. Accepts payload and optional secret.

curl -X POST -d "payload={\"sub\":1}" -d "secret=mykey" \
  http://localhost:5000/tools/jwt_encode

Return the last 50 decoded JWT entries. Each object includes issuer, alg, claims, notes, token and created_at.

curl http://localhost:5000/jwt_cookies

Create a new empty SQLite database.

Parameter:

• db_name – desired base name (optional, sanitized to <name>.db).

curl -X POST -d "db_name=project" http://localhost:5000/new_db

Upload and load a database file.

Parameter:

• db_file – uploaded .db file.

curl -X POST -F "[email protected]" http://localhost:5000/load_db

Download the currently loaded database. Use the optional name query parameter to specify the download filename.

curl -L "http://localhost:5000/save_db?name=backup.db" -o backup.db

Rename the current database file.

Parameter:

• new_name – new base filename.

curl -X POST -d "new_name=renamed" http://localhost:5000/rename_db

Return all notes for a URL in JSON form.

curl http://localhost:5000/notes/1

Create a new note or update an existing one.

Parameters:

• url_id – ID of the related URL.
• content – note text.
• note_id – existing note ID when editing (optional).

curl -X POST -d "url_id=1" -d "content=hello" http://localhost:5000/notes

Delete an individual note or, when all=1, remove all notes for a URL.

curl -X POST -d "note_id=3" http://localhost:5000/delete_note

Download all notes as structured JSON.

curl http://localhost:5000/export_notes

Return all project-wide text notes.

curl http://localhost:5000/text_notes

Create or update a text note.

Parameters:

• content – note text.
• note_id – existing note ID when editing (optional).

curl -X POST -d "content=demo" http://localhost:5000/text_notes

Delete a text note by ID.

curl -X POST -d "note_id=1" http://localhost:5000/delete_text_note

Export URL records in various formats.

Parameters:

• format – one of txt, csv, md or json.
• q – optional search query.
• id – repeatable ID filter when not using select_all_matching.
• select_all_matching – set to true to export all results for the query.

curl -L "http://localhost:5000/export_urls?format=csv&id=1&id=2"

Serve the HTTPolaroid overlay for capturing a full page snapshot.

curl http://localhost:5000/httpolaroid

Launch a capture job and return JSON with the record ID.

Parameters:

• url – page to fetch.
• agent – optional user agent (android, bot or blank for desktop).
• spoof_referrer – set to 1 to spoof the referrer header. The resulting record logs the HTTP status and resolved IPs for the initial request.

curl -X POST -d "url=https://example.com" http://localhost:5000/tools/httpolaroid

List previous HTTPolaroid captures as JSON.

curl http://localhost:5000/httpolaroids

Download the ZIP archive for a capture.

curl -O http://localhost:5000/download_httpolaroid/1

Delete one or more captures by ID.

curl -X POST -d "ids=1,2" http://localhost:5000/delete_httpolaroids

List tags for a Docker repository.

curl http://localhost:5000/dag/repo/library/ubuntu

Return the manifest JSON for an image reference.

curl http://localhost:5000/dag/image/library/ubuntu:latest

Extract a single file from a layer blob.

Query parameter:

• image – image reference containing the layer.

curl -O \
  "http://localhost:5000/dag/fs/sha256:1234/etc/os-release?image=library/ubuntu:latest"

Delete stored JWT cookie entries.

Parameter:

• ids – comma-separated IDs.

curl -X POST -d "ids=1,2" http://localhost:5000/delete_jwt_cookies

Edit notes for a saved JWT record.

Parameters:

• id – record ID.
• notes – text notes.

curl -X POST -d "id=1" -d "notes=ok" http://localhost:5000/update_jwt_cookie

Export decoded JWT history as JSON.

curl http://localhost:5000/export_jwt_cookies

Serve the screenshot overlay.

curl http://localhost:5000/screenshotter

Full-page screenshot overlay.

curl http://localhost:5000/tools/screenshotter

Capture a screenshot and return JSON with the ID.

Parameters:

• url – target URL.
• user_agent – optional agent string.
• spoof_referrer – 1 to spoof the referrer header. The screenshot record stores the HTTP status and resolved IP addresses used for the request.

curl -X POST -d "url=https://example.com" http://localhost:5000/tools/screenshot

List captured screenshots as JSON. Each object includes status_code and ip_addresses fields.

curl http://localhost:5000/screenshots

Delete screenshots by ID.

curl -X POST -d "ids=1,2" http://localhost:5000/delete_screenshots

Serve the Subdomonster overlay with bulk-selection checkboxes.

curl http://localhost:5000/subdomonster

Full-page subdomain overlay with the same bulk-selection features.

curl http://localhost:5000/tools/subdomonster

List subdomains from the database.

Parameters (optional):

• domain – limit results to a root domain.
• page – return a specific page of results.
• items – number of subdomains per page.

curl "http://localhost:5000/subdomains?domain=example.com&page=1&items=50"

Fetch subdomains from crt.sh, VirusTotal, or the local URL list.

Parameters:

• domain – target domain (optional when using the local source).
• source – crtsh, virustotal, or local.
• api_key – VirusTotal API key, optional if VIRUSTOTAL_API is configured.

Use source=local to import subdomains discovered by scraping existing URLs.

curl -X POST -d "domain=example.com" -d "source=crtsh" http://localhost:5000/subdomains
curl -X POST -d "source=local" http://localhost:5000/subdomains

Export subdomains for a domain.

curl "http://localhost:5000/export_subdomains?domain=example.com"

Mark a subdomain as indexed by CDX.

curl -X POST -d "subdomain=dev.example.com" http://localhost:5000/mark_subdomain_cdx

Scrape discovered subdomains from existing URLs.

curl -X POST -d "domain=example.com" http://localhost:5000/scrape_subdomains

Delete a subdomain entry.

curl -X POST -d "domain=example.com" -d "subdomain=dev" http://localhost:5000/delete_subdomain

Switch to a database file stored under db/.

curl -X POST -d "db_file=wabax.db" http://localhost:5000/load_saved_db

Change how many results display on the search page.

curl -X POST -d "count=20" http://localhost:5000/set_items_per_page

Return layer and manifest details for an image as JSON.

curl -G --data-urlencode "image=ubuntu:latest" http://localhost:5000/docker_layers

Pass insecure=1 for registries with self-signed certificates.

Download a compressed layer blob.

curl -L "http://localhost:5000/download_layer?image=ubuntu:latest&digest=sha256:1234" -o layer.tar.gz

Include insecure=1 when downloading from insecure registries.

Serve the OCI Explorer overlay.

curl http://localhost:5000/oci_explorer

Full-page OCI Explorer.

curl http://localhost:5000/tools/oci_explorer

Query manifest information for an image.

curl -G --data-urlencode "image=ubuntu:latest" http://localhost:5000/oci_explorer_api

Pass insecure=1 to disable TLS validation or when connecting to self-signed registries.

Return manifest details as a hierarchical table structure.

curl -G --data-urlencode "image=ubuntu:latest" http://localhost:5000/registry_table

Add insecure=1 to fetch manifests from registries with self-signed certificates.

Alias for /oci_explorer used by older bookmarks.

curl http://localhost:5000/dag_explorer

Full-page alias for /tools/oci_explorer.

curl http://localhost:5000/tools/dag_explorer

List files in a layer.

curl http://localhost:5000/dag/layer/library/ubuntu@sha256:abcd

View tags for a repository.

curl http://localhost:5000/repo/library/ubuntu

Render manifest details for an image reference.

curl http://localhost:5000/image/library/ubuntu:latest

Render details for an image digest.

curl http://localhost:5000/image/library/ubuntu@sha256:abcd

Return the uncompressed size of a layer.

curl http://localhost:5000/size/library/ubuntu@sha256:abcd

Render the project overview page summarizing domains and module counts.

curl http://localhost:5000/overview

Return the same overview data as JSON.

curl http://localhost:5000/overview.json

Return aggregate subdomain statistics including the top and loneliest hosts.

curl http://localhost:5000/domain_summary