Log in Sign up Start free
For security & intel teams

Domain intel without
the enterprise contract.

WHOIS, RDAP, DNS, SSL, GeoIP, ASN, certificate transparency, subdomain enumeration, passive DNS, typosquat detection. One API. Built on public data sources, not paid feeds. Self-hostable when you can't send IPs offsite.

Start free Self-host options
USE CASES

What security teams use Ollagraph for.

Domain investigation

You got a suspicious URL. Pull WHOIS/RDAP, DNS records, certificate history from crt.sh, ASN, GeoIP, and IP reputation in one workflow. Output is structured JSON, drop into your SOAR.

/v1/intel/whois · /v1/intel/rdap · /v1/intel/cert-transparency-history · /v1/intel/asn · /v1/intel/geoip · /v1/intel/ip-reputation

Attack surface mapping

Enumerate every subdomain from crt.sh, DNS brute, Common Crawl, and Wayback. Wildcard DNS detection. Then audit each subdomain's security headers and TLS config.

/v1/intel/subdomain-enumerate · /v1/intel/wildcard-dns-detect · /v1/intel/tls-config-grade · /v1/intel/security-headers-score

Brand protection

Generate every typosquat of your domain, resolve them, score which ones are real risks. Monitor certificate transparency for new certs issued for your brand. Phishing-domain detection without a vendor feed.

/v1/intel/typosquat-detect · /v1/intel/cert-transparency-history · /v1/intel/dns/lookup

Email reputation

Validate SPF, DKIM, DMARC records. Check MX deliverability. Parse uploaded DMARC RUA reports. Verify single emails or batch up to 1,000 at a time.

/v1/intel/email-auth · /v1/intel/mx-deliverability · /v1/intel/dmarc-aggregate-parse · /v1/verify/email

Network forensics

Trace HTTP redirects across hostile redirect chains. Inspect TLS handshakes and cipher selection. Map ASN and BGP history of an IP. CDN detection from headers and CNAME analysis.

/v1/intel/redirects · /v1/intel/tls-config-grade · /v1/intel/asn-history · /v1/intel/cdn-detect · /v1/intel/bgp-route-info

Compliance auditing

HSTS preload list checks. DNSSEC validation. Cookie audits for Secure, HttpOnly, SameSite. Subresource Integrity checks. Mixed-content detection. Reports ready for compliance review.

/v1/intel/hsts-preload-check · /v1/intel/dnssec-audit · /v1/intel/cookie-audit · /v1/intel/subresource-integrity · /v1/seo/mixed-content
CAN'T SEND IPS OFFSITE?

Self-host Ollagraph.

Security teams investigating internal IPs, customer domains, or pre-disclosure vulnerabilities often can't send queries to a third party. Run Ollagraph in your VPC. Same API, same MCP server, same 148 endpoints — all the data stays in your perimeter.

Self-host options →

Intelligence built on public data.

1,000 credits on signup. Domain & network intel catalog from day one.

Start free All endpoints