FAQ

What types of illicit content are covered?

Our crawlers mainly focus on:

  • Drugs - trafficking, buying/selling, discussions, reviews of vendors.
  • Hacking - techniques and tools, discussions, ransomware group sites, cyberattacks, vulnerabilities, fraud committed by hacking, and more.
  • PII - Leaked personally identifiable information, fake IDs, licenses and passports offered for sale.
  • Terror - Discussions associated with White Supremacy, Nazism, racism and Antisemitism.
  • Weapons - trafficking, buying/selling, discussions.
  • Sexual - pedophilic discussions and media.
  • Financial Fraud - fraud techniques, fraud committed against financial institutions, forged documents, illegal transactions, leaked bank account details, and more.
  • Counterfeit - Counterfeited items exchange.

How far back can we search when calling the Cyber endpoint?

The Cyber repositories store up to 2 years of crawled content.

What sources are supported in the Cyber endpoint?

Webz.io crawls gated, password-protected, and captcha-protected sources from a variety of anonymous networks, including TOR, the Open and Deep Web, Zeronet, I2P, OpenBazaar, and BlockchainDNS, as well as messaging apps such as Telegram and other chat apps.

My company uses Webz.io for Domain-Threat-Monitoring. I'm running a search for the company name and receive 0 results. Does it mean my company is safe?

Unfortunately, it does not. Hackers might not explicitly use a company name, since they wouldn't want to get exposed. So if a search for the company's name yields no results, back it up with a search for the company's IP addresses (e.g. SMTP or POP), which could also return hits.
Another example is searching for credit card BINs rather than for the bank's name, which wouldn't usually return results.
Other company 'identifiers' are variations of the company name, the website, email domain, products, services, and C-level executives.
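
The identifier expansion described above, as an added example that is not Webz.io's own code: it turns a company profile into one flat query per identifier category, so a zero-hit name search is followed by IP, BIN, domain and executive searches. The `OR` operator and double-quoted phrase syntax are assumed from the Lucene-style `site.name:"Dream Market"` filter shown elsewhere in this FAQ; the profile fields and function names are hypothetical, and all sample values are constructed placeholders.

```python
import ipaddress
import re

# Constructed sample profile; every value is a placeholder (RFC 5737 / example.com).
SAMPLE_PROFILE = {
    "name": "Example Widgets Inc.",
    "domains": ["example.com", "Example.com"],
    "ips": ["192.0.2.25", "198.51.100.110"],  # e.g. SMTP and POP hosts
    "bins": ["400000"],
    "executives": ["Jane Doe"],
    "products": [],
}

def dedupe(items):
    """Drop empty and case-insensitive duplicate terms, keeping first-seen order."""
    seen, out = set(), []
    for item in (i.strip() for i in items):
        if item and item.lower() not in seen:
            seen.add(item.lower())
            out.append(item)
    return out

def quote(term):
    """Exact-phrase quoting, escaping backslash and quote (assumed Lucene-style syntax)."""
    return '"' + re.sub(r'(["\\])', r"\\\1", term) + '"'

def name_variants(name):
    """The name as given, without a trailing legal suffix, and joined/hyphenated."""
    base = re.sub(r"\b(inc|ltd|llc|corp|gmbh)\.?$", "", name.strip(), flags=re.I).strip(" ,")
    return dedupe([name, base, base.replace(" ", ""), base.replace(" ", "-")])

def build_queries(profile):
    """Return one flat OR query per identifier category; empty categories are omitted."""
    bins = profile.get("bins", [])
    bad = [b for b in bins if not re.fullmatch(r"\d{6,8}", b)]
    if bad:
        raise ValueError(f"BINs must be 6-8 digits: {bad}")
    groups = {
        "name": name_variants(profile["name"]),
        "domains": dedupe(profile.get("domains", [])),
        # ip_address() raises ValueError on a malformed address
        "ips": dedupe(str(ipaddress.ip_address(ip)) for ip in profile.get("ips", [])),
        "bins": dedupe(bins),
        "executives": dedupe(profile.get("executives", [])),
        "products": dedupe(profile.get("products", [])),
    }
    return {cat: " OR ".join(quote(t) for t in terms) for cat, terms in groups.items() if terms}

if __name__ == "__main__":
    for category, query in build_queries(SAMPLE_PROFILE).items():
        print(f"{category:11} {query}")
```

Running each category as its own query shows which kind of identifier produced a hit, and keeps every query free of nested boolean logic.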

I searched for posts from specific TOR addresses and received very few results

When you filter results by a specific marketplace Onion address, you'll get results only from that address, even though there might be many more Onion mirrors for that marketplace. Using the site.name filter usually does the trick: for example, matching against site.name:"Dream Market" would yield millions of search results.

What entities are supported?

  • Emails
  • Credit Cards
  • Social Security Numbers
  • Wallet IDs
  • Phone numbers
  • Persons
  • Organization
  • Locations

Why aren't all the keywords highlighted with highlight=true?

Highlighters don't reflect the boolean logic of a query when extracting terms to highlight. Thus, for some complex boolean queries (e.g. nested boolean queries, queries using minimum_should_match, etc.), parts of documents may be highlighted that don't correspond to query matches.