{
  "scan_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "keywords": [
    "<string>"
  ],
  "domain": "<string>",
  "total_breaches": 123,
  "created_at": "2023-11-07T05:31:56Z",
  "discovered_emails": [
    "<string>"
  ],
  "error_detail": "<string>",
  "results": {}
}

ScanResult

Contains the stored record returned by GET /scan/{scan_id}.

Top-level shape

keywords or domain describes what was scanned.
status, total_breaches, and created_at describe the stored scan record.
discovered_emails appears on domain scans when emails were enumerated.
error_detail is present if the scan ended in an error state.

`results` object

results is keyed by breach database name.
Each entry contains:
- InfoLeak: breach/source description.
- NumOfResults: number of records found in that breach.
- Data: array of raw breach records from that source.
Fields inside Data vary by breach source. Do not assume a fixed normalized schema.
Password-like values are masked in API output.

Stored scan result returned by GET /scan/{scan_id}.

scan_id

string<uuid>

keywords

string[]

The keywords that were scanned

domain

string | null

Domain that was enumerated (if provided)

total_breaches

integer

Number of breach databases found

status

enum<string>

Final stored scan status

Available options:

success,

no_results,

no_queries,

error

created_at

string<date-time>

When the stored scan record was created

discovered_emails

string[]

Emails discovered from domain enumeration

error_detail

string

Error message if scan failed

results

object

Raw breach data keyed by database name. Each entry contains InfoLeak (description), NumOfResults (count), and Data (array of breach records). Passwords are masked.

Show child attributes

ScanResponse Error

​ScanResult

​Top-level shape

​results object

ScanResult

Top-level shape

`results` object