{
  "scan_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "status": "success",
  "total_breaches": 1,
  "discovered_emails": [
    "<string>"
  ],
  "message": "<string>"
}

ScanResponse

Contains the immediate acknowledgement returned by POST /scan.

Key fields

scan_id: store this UUID and use it with GET /scan/{scan_id}.
status: success, no_results, or no_queries.
total_breaches: number of matched breach sources, not raw rows.
discovered_emails: optional, only for domain-driven scans that enumerate breached addresses.
message: optional context when the request resolves without usable search terms.

This response does not contain the raw breach records. Use the stored scan_id to fetch the full result payload.

Initial acknowledgement returned by POST /scan. Use scan_id with GET /scan/{scan_id} to retrieve full records.

scan_id

string<uuid>

Unique identifier for retrieving scan results via GET /scan/{scan_id}

status

enum<string>

Scan result status

Available options:

success,

no_results,

no_queries

total_breaches

integer

Number of breach databases found

Required range: x >= 0

discovered_emails

string[]

Emails discovered from domain enumeration (only present when domain was provided)

message

string

Additional context (e.g. when no keywords were provided)

ScanRequest ScanResult

Start Here

DarkRecon

FileScanner

RTSWPScan

RTS Builder

Senthrex

Legba

ScanResponse

ScanResponse

Key fields

Start Here

DarkRecon

FileScanner

RTSWPScan

RTS Builder

Senthrex

Legba

​ScanResponse

​Key fields

ScanResponse

Key fields