Domain Exposure
curl --request POST \
--url https://encrata.com/api/agent/darkweb-domain-exposure \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"domain": "<string>",
"total_records": 123,
"account_count": 123,
"plaintext_accounts": 123,
"risk_level": "<string>",
"breaches": [
{}
],
"accounts": [
{}
]
}
'import requests
url = "https://encrata.com/api/agent/darkweb-domain-exposure"
payload = {
"domain": "<string>",
"total_records": 123,
"account_count": 123,
"plaintext_accounts": 123,
"risk_level": "<string>",
"breaches": [{}],
"accounts": [{}]
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
domain: '<string>',
total_records: 123,
account_count: 123,
plaintext_accounts: 123,
risk_level: '<string>',
breaches: [{}],
accounts: [{}]
})
};
fetch('https://encrata.com/api/agent/darkweb-domain-exposure', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://encrata.com/api/agent/darkweb-domain-exposure",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'domain' => '<string>',
'total_records' => 123,
'account_count' => 123,
'plaintext_accounts' => 123,
'risk_level' => '<string>',
'breaches' => [
[
]
],
'accounts' => [
[
]
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://encrata.com/api/agent/darkweb-domain-exposure"
payload := strings.NewReader("{\n \"domain\": \"<string>\",\n \"total_records\": 123,\n \"account_count\": 123,\n \"plaintext_accounts\": 123,\n \"risk_level\": \"<string>\",\n \"breaches\": [\n {}\n ],\n \"accounts\": [\n {}\n ]\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://encrata.com/api/agent/darkweb-domain-exposure")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"domain\": \"<string>\",\n \"total_records\": 123,\n \"account_count\": 123,\n \"plaintext_accounts\": 123,\n \"risk_level\": \"<string>\",\n \"breaches\": [\n {}\n ],\n \"accounts\": [\n {}\n ]\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://encrata.com/api/agent/darkweb-domain-exposure")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"domain\": \"<string>\",\n \"total_records\": 123,\n \"account_count\": 123,\n \"plaintext_accounts\": 123,\n \"risk_level\": \"<string>\",\n \"breaches\": [\n {}\n ],\n \"accounts\": [\n {}\n ]\n}"
response = http.request(request)
puts response.read_body{
"domain": "example.com",
"total_records": 128,
"account_count": 47,
"plaintext_accounts": 12,
"risk_level": "high",
"credits": 1,
"breaches": [
{ "name": "ComboList2026", "count": 31 },
{ "name": "MegaBreach2024", "count": 16 }
],
"accounts": [
{
"email": "ceo@example.com",
"breaches": ["ComboList2026", "MegaBreach2024"],
"plaintext": true
},
{
"email": "support@example.com",
"breaches": ["ComboList2026"],
"plaintext": false
}
]
}
Lookups
Domain Exposure
Assess a company’s breach exposure by domain. Aggregates every leaked credential tied to the domain into a single summary: exposed accounts, source breaches, plaintext passwords, and an overall risk level.
POST
/
api
/
agent
/
darkweb-domain-exposure
Domain Exposure
curl --request POST \
--url https://encrata.com/api/agent/darkweb-domain-exposure \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"domain": "<string>",
"total_records": 123,
"account_count": 123,
"plaintext_accounts": 123,
"risk_level": "<string>",
"breaches": [
{}
],
"accounts": [
{}
]
}
'import requests
url = "https://encrata.com/api/agent/darkweb-domain-exposure"
payload = {
"domain": "<string>",
"total_records": 123,
"account_count": 123,
"plaintext_accounts": 123,
"risk_level": "<string>",
"breaches": [{}],
"accounts": [{}]
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
domain: '<string>',
total_records: 123,
account_count: 123,
plaintext_accounts: 123,
risk_level: '<string>',
breaches: [{}],
accounts: [{}]
})
};
fetch('https://encrata.com/api/agent/darkweb-domain-exposure', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://encrata.com/api/agent/darkweb-domain-exposure",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'domain' => '<string>',
'total_records' => 123,
'account_count' => 123,
'plaintext_accounts' => 123,
'risk_level' => '<string>',
'breaches' => [
[
]
],
'accounts' => [
[
]
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://encrata.com/api/agent/darkweb-domain-exposure"
payload := strings.NewReader("{\n \"domain\": \"<string>\",\n \"total_records\": 123,\n \"account_count\": 123,\n \"plaintext_accounts\": 123,\n \"risk_level\": \"<string>\",\n \"breaches\": [\n {}\n ],\n \"accounts\": [\n {}\n ]\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://encrata.com/api/agent/darkweb-domain-exposure")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"domain\": \"<string>\",\n \"total_records\": 123,\n \"account_count\": 123,\n \"plaintext_accounts\": 123,\n \"risk_level\": \"<string>\",\n \"breaches\": [\n {}\n ],\n \"accounts\": [\n {}\n ]\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://encrata.com/api/agent/darkweb-domain-exposure")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"domain\": \"<string>\",\n \"total_records\": 123,\n \"account_count\": 123,\n \"plaintext_accounts\": 123,\n \"risk_level\": \"<string>\",\n \"breaches\": [\n {}\n ],\n \"accounts\": [\n {}\n ]\n}"
response = http.request(request)
puts response.read_body{
"domain": "example.com",
"total_records": 128,
"account_count": 47,
"plaintext_accounts": 12,
"risk_level": "high",
"credits": 1,
"breaches": [
{ "name": "ComboList2026", "count": 31 },
{ "name": "MegaBreach2024", "count": 16 }
],
"accounts": [
{
"email": "ceo@example.com",
"breaches": ["ComboList2026", "MegaBreach2024"],
"plaintext": true
},
{
"email": "support@example.com",
"breaches": ["ComboList2026"],
"plaintext": false
}
]
}
Authentication
Requires an API key in theAuthorization header.
Authorization: Bearer YOUR_API_KEY
Request
The company domain to assess, e.g.
example.com. Scheme, path, and www. prefixes are stripped automatically.Response
Returns an aggregated breach-exposure summary rather than raw dark web hits.The normalized domain that was assessed.
Total number of breach records found tied to the domain.
Number of distinct exposed accounts.
Number of accounts whose password was exposed in plaintext.
Overall exposure severity:
critical, high, medium, or low.Breaches that leaked accounts for this domain, each with a
name and count, sorted by count.Exposed accounts, each with
email, the breaches that leaked it, and a plaintext flag, sorted by breach count.{
"domain": "example.com",
"total_records": 128,
"account_count": 47,
"plaintext_accounts": 12,
"risk_level": "high",
"credits": 1,
"breaches": [
{ "name": "ComboList2026", "count": 31 },
{ "name": "MegaBreach2024", "count": 16 }
],
"accounts": [
{
"email": "ceo@example.com",
"breaches": ["ComboList2026", "MegaBreach2024"],
"plaintext": true
},
{
"email": "support@example.com",
"breaches": ["ComboList2026"],
"plaintext": false
}
]
}
Credits
1 credit per assessment.⌘I