Retrieve Details for an Exposure

Lookup the details for a specific exposure

Returns the detailed information for a credentials exposure. The responses to this call can and should be cached to limit the number of calls made. The exposure details are not typically expected to change over time, so they can be retained for relatively long periods of time, e.g. for up to 30 days.

GEThttps://api.enzoic.com/v1/exposure-details

Authorization

Query parameters

Response

The response body contains the details of the Exposure

Body

idstring

The unique ID of the Exposure.

Example: "57dc11964d6db21300991b78"

titlestring

Title of the exposure – for breaches, the domain of the origin site. For exposures where it’s not possible to determine the origin site, we provide the title as Unknown source and include the date it was found and added to our database in parentheses.

Example: "funsurveys.net"

entriesinteger

The number of credentials found in the exposure (may be 0 for non-credentials exposures)

Example: 5123

datestring (date)

The date the exposure occurred, as much as is known. The value is as follows:

null if the date is not known
Month and day set to December 31st, if only the year is known (e.g. “2015-12-31” if Exposure date was sometime in 2015)
Day set to the first of the month if only the month is known (e.g. “2015-06-01” if Exposure date was sometime in June 2015)
Otherwise, exact date if exact date is known, including time

Example: "2015-05-01T00:00:00.000Z"

categorystring

A category for the breached organization, if the exposure was a data breach. These categories correspond to the top level of the North American Industry Classification System (NAICS). Some types of data-harvesting malware (i.e. stealers, phishing, etc.) will show up under the Malware category. Large aggregated dumps of user credentials from various sources (called Combo Lists) will show up under the category Combolists.

Possible values (NAICS value):

Unspecified
Agriculture, Forestry, Fishing and Hunting (11)
Mining, Quarrying, and Oil and Gas Extraction (21)
Utilities (22)
Construction (23)
Manufacturing (31-33)
Wholesale Trade (42)
Retail Trade (44-45)
Transportation and Warehousing (48-49)
Information (51)
Finance and Insurance (52)
Real Estate and Rental and Leasing (53)
Professional, Scientific, and Technical Services (54)
Management of Companies and Enterprises (55)
Administrative and Support and Waste Management and Remediation Services (56)
Educational Services (61)
Health Care and Social Assistance (62)
Arts, Entertainment, and Recreation (71)
Accommodation and Food Services (72)
Other Services (81)
Public Administration (92)
Malware (N/A)
Combolist (N/A)

Example: "Manufacturing"

sourcestring

Where the data was collected at. Possible values are:

Unspecified
Cybercrime Forums
File Sharing Sites
Pastes
Messaging Services
Private Sources
Honeypots
Dark Web Markets

Example: "Cybercrime Forums"

passwordTypestring

The format of the passwords in the Exposure, e.g. “Cleartext”, “MD5”, “BCrypt”, etc.

Example: "Cleartext"

exposedDataarray of string

The types of user data which were present in the Exposure, e.g. “Emails”, “Passwords”, “Physical Addresses”, “Phone Numbers”, etc.

dateAddedstring (date)

The date the Exposure was found and added to the Enzoic database.

Example: "2016-09-16T15:36:54.000Z"

sourceURLsarray of string

An array of URLs the data was found at. Only present for some types of Exposures, like when the source was a paste site.

domainsAffectedinteger

The number of unique email address domains in this Exposure. So, for instance, if the Exposure only contained “gmail.com” and “yahoo.com” email addresses, this number would be 2.

Example: 683

sourceFileCountinteger

The number of different files there were found in this Exposure.

Example: 1

Request

Response

PreviousGet Exposures by Date NextBreach Monitoring API

Last updated 5 months ago

Lookup the details for a specific exposure

GEThttps://api.enzoic.com/v1/exposure-details