FixWeb

// docs / domains

Dominionaka

A domain is a verified hostname you own. Verifying once unlocks owner-depth scans, scheduled re-scans, and live website monitoring on that hostname.

Verifying a dominio

Add a hostname at Dashboard → Dominionaka. Pick one of two verification methods:

  • DNS TXT — add a record at _fixweb.<hostname> ukampi uka token nayanaka generate. We re-resolve it ukat our server, not yours, so SPF / DMARC settings don't interfere. Typical propagation: 1-5 minutes; nayanaka re-check sapa 30 seconds tak 10 minutes.
  • HTTP file — host a small text file at /.well-known/fixweb-verification.txt ukampi uka token. We fetch over HTTPS via uka SSRF-guarded mayiwi path.

Verifications pxiwa re-checked daily by uka domain-reverify cron. If a previously-verified dominio stops resolving uka token (e.g. juma removed uka DNS record), uka verification wa revoked ukat active scannaka against it drop back ru verify_required until juma re-add it.

Scheduled re-scannaka Pro+

Pro planax verificat dominiox ≥3h cadenciamp wasitat escaneayañ atisi; Unlimited planax ≥1h ukat. Dashboard → Dominionaka → Planx jistaram, toggle apnaqaña, cadencia ajllita:

  • 1 hora — Unlimited planallanx jikxatas
  • 3h, 6h, 12h, daily, sapa 2 days, weekly

Every cron tick (sapa 15 min) uka scheduler picks up due schedules, claims them via an optimistic compare-ukat-swap on next_run_at (so two crons spawa't double-enqueue), increments ma scan-usage counter, ukat enqueues a fresh passive scan. The scan inherits ma dominio-verification attestation — juma don't re-attest per run — so disable uka schedule ru revoke.

On completion, uka scan-completed email goes out using uka scheduled_scan_email preference (manage at Account → Settings).

Live threat detection Unlimited+

Unlimited planax automaticamente sapa verificat dominiox uñjasi kimsa señalanakatakix planeat escaneonak chiqaqanx:

  • Certificate transparency — sapa 30 minutes nayanaka query crt.sh tak machaq certs containing ma hostname jan ukax any subdomain. New certs fire a new_certificate alerta.
  • DNS diff — sapa 30 minutes nayanaka resolve A, AAAA, MX, TXT, NS, CNAME ukat compare against uka last snapshot. Changes fire a dns_change alerta.
  • Threat-intel — sapa hour nayanaka check Spamhaus DBL ukat URLhaus tak listings of uka apex hostname. Listings fire a threat_intel_listing alerta.

Alerts dedupe on a content-hash signature so re-detecting uka same change doesn't re-fire. View / dismiss alertanaka at Dashboard → Dominionaka → [dominio] → Monitor. Email notifications follow uka threat_alert_email pref.

Snapshot retention

Monitor snapshots auto-prune after 7 days, except uka most recent baseline per (dominio, signal-type) pair — that one stays regardless of age so uka next diff wa correct. Dismissed alertanaka purge after 90 days.

Trigger ukat API jan ukax MCP

Domain management wa currently UI-only — janiwa API surface tak verification jan ukax schedule changes. To start a scan against an already-verified dominio via API, use POST /api/v1/scans:

curl
curl -X POST https://fixweb.app/api/v1/scans \
  -H "Authorization: Bearer fxw_..." \
  -H "content-type: application/json" \
  -d '{"target":"https://example.com"}'
Dominionaka — Docs · FixWeb