Skip to main content
POST
Domain Exposure

Authentication

Requires an API key in the Authorization header.

Request

domain
string
required
The company domain to assess, e.g. example.com. Scheme, path, and www. prefixes are stripped automatically.

Response

Returns an aggregated breach-exposure summary rather than raw dark web hits.
domain
string
The normalized domain that was assessed.
total_records
number
Total number of breach records found tied to the domain.
account_count
number
Number of distinct exposed accounts.
plaintext_accounts
number
Number of accounts whose password was exposed in plaintext.
risk_level
string
Overall exposure severity: critical, high, medium, or low.
breaches
array
Breaches that leaked accounts for this domain, each with a name and count, sorted by count.
accounts
array
Exposed accounts, each with email, the breaches that leaked it, and a plaintext flag, sorted by breach count.

Credits

1 credit per assessment.