Get Exposures for a Domain

Retrieve all breaches emails from a given domain have been exposed in

This call is useful if you are interested in pulling a list of breaches where email addresses from your domain have been exposed. This differs slightly from the "Get Exposures for All Email Addresses in a Domain" variant of the call in that it returns a summary list of all breaches users in the domain have been exposed in versus returning the specific email addresses.

Note that you must have approval to pull exposures for a given domain. Contact support for approval if you receive a message that you do not have permissions to pull exposures for a given domain.


Lookup all exposures for a domain

get

Returns all credentials exposures that have been found for a given domain.

Authorizations
Query parameters
domainstringRequired

The domain to return exposures for (e.g. “enzoic.com”)

Example: corp.co
includeExposureDetailsintegerOptional

(Optional) If this parameter is specified and non-zero, the results will include the exposure details inline, rather than just the IDs. In this case the exposures array in the response will contain an array of ExposureDetails objects

Default: 0Example: 1
startDatestringOptional

(Optional) Specifies a start date/time in ISO8601 format (e.g. 2023-06-01T00:00:00Z). If specified, only domain exposures which occurred after this date will be included in the response.

Example: 2023-06-01
endDatestringOptional

(Optional) Specifies an end date/time in ISO8601 format (e.g. 2023-06-01T00:00:00Z). If specified, only domain exposures which occurred before this date will be included in the response.

Example: 2023-07-01
pageSizeintegerOptional

(Optional) The number of results to return in a single call. The default page size is 100 and the maximum is 500.

Default: 100Example: 500
pagingTokenstringOptional

(Optional) For each call to the API, if there are additional pages of results available then a pagingToken will be returned. Pass the pagingToken in via this parameter to retrieve the subsequent page of results. Should be left off for the initial call to the API.

Example: 598e5b844eb6d82ea07c5783
Responses
200
Exposures for the domain were found and the associated Exposures are in the response body
application/json
get
GET /v1/exposures-for-domain HTTP/1.1
Host: api.enzoic.com
Authorization: Bearer Base64(your_api_key:your_api_secret)
Accept: */*
{
  "count": 1,
  "pagingToken": "598e5b844eb6d82ea07c5783",
  "exposures": [
    {
      "id": "57dc11964d6db21300991b78",
      "title": "funsurveys.net",
      "entries": 5123,
      "date": "2015-05-01T00:00:00.000Z",
      "category": "Manufacturing",
      "source": "Cybercrime Forums",
      "passwordType": "Cleartext",
      "exposedData": [
        "Emails",
        "Passwords"
      ],
      "dateAdded": "2016-09-16T15:36:54.000Z",
      "sourceURLs": [
        "https://www.someplace.com"
      ],
      "domainsAffected": 683,
      "sourceFileCount": 1
    }
  ]
}

Last updated

Was this helpful?