Capabilities
What each current Intelligence API capability does
Web search
Use web search to find public web, news, supported public social/profile mentions, public documents, and adverse-media references for a person, organization, or keyword. This capability is intended for adverse-media review, public-context discovery, and triage workflows where an investigator needs normalized hits with enough context to decide what to review next.
Requests can include expanded person-subject context such as date of birth, place of birth, email address, approximate age, mobile phone number, driver's license state, body type/build, military status, ethnicity, employer, employment dates, department, role, location, employment status, and subject-owned social media URLs. These fields follow the normal API naming convention shown in the generated reference.
The API uses these fields according to their reliability. Name, aliases, regions, employer, employment location, place of birth, role, and department may narrow generated search queries. Exact subject social media URLs are routed through the same social-context retrieval path as socialAccounts. Email, phone, date of birth, employment dates, license state, employment status, gender, ethnicity, body type/build, and military status are used for corroboration or exclusion context, not as standalone reasons to include a result.
Search is identity-led, not adverse-term-gated. The service generates capped query categories similar to the platform search flow: pure identity, news/media, social/professional, profile/contact, public document, and adverse-media. adverseTerms are optional caller additions/boosts; when omitted, the API still uses a built-in adverse/legal/regulatory term pack and still keeps subject-relevant non-adverse results.
Requests can also include exact social account hints in top-level socialAccounts using a supported platform plus username or profile URL. The API uses those hints to retrieve available profile and recent-activity context from the existing social scrapers and returns that context as normalized social web hits alongside general web/news search results.
Results are returned as normalized web-hit items with confidenceCategory, matched inputs, summary text, metadata, display domain, source type, content type, publication time when available, and resultUrl for the full source page URL. Safe metadata can include the generated queryCategory that found the result. Web/media search intentionally exposes the source URL so investigators can review the underlying page.
PII expansion
Use PII expansion to expand supplied identifier seeds: emails, phones, and usernames. This capability is intentionally identifier-only; address/domain seeds, standalone name/DOB/region person searches, reverse-phone identity enrichment, broad person enrichment, and social-profile discovery are excluded.
Results include identity_candidate items only. Each returned item includes confidenceCategory, match rationale, matched inputs, normalized identifier attributes, and safe metadata so consumers can rank and review candidate links. Breach-derived identity candidates may preserve safe field-level context such as exposedFields, credentialExposure, and credentialTypes; breach source names/dates, credential values, hashes, salts, tokens, and raw connector payloads are not returned.
PII expansion dedupes exact identifier matches algorithmically first. AI semantic dedupe and validation then merge compatible identity variants or exclude irrelevant/junk identifiers. The AI step can only choose merge/keep-separate or include/exclude and never changes returned values.
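The two-stage dedupe described above can be pictured as follows. This is an added example, not the Intelligence API's own code: the function names, the decision shape, and the sample identifiers are all hypothetical. It shows one way a consumer-side or service-side guard can hold a model step to a closed set of decisions so that returned values are only ever copied from the input.

```python
# Added illustration only: not the Intelligence API's implementation.
# Function names, the decision shape and all sample data are hypothetical.
ALLOWED_ACTIONS = {"merge", "keep_separate", "include", "exclude"}

def normalize(kind, value):
    v = value.strip()
    if kind == "phone":
        return "+" + "".join(ch for ch in v if ch.isdigit())
    return v.lower()

def exact_dedupe(seeds):
    """Stage 1: algorithmic dedupe on (kind, normalized value); first spelling is kept."""
    seen = {}
    for kind, value in seeds:
        seen.setdefault((kind, normalize(kind, value)), value)
    return [{"id": i, "kind": k, "value": v}
            for i, ((k, _), v) in enumerate(seen.items())]

def apply_decisions(candidates, decisions):
    """Stage 2: apply model decisions drawn from a closed set, by candidate id only."""
    by_id = {c["id"]: c for c in candidates}
    excluded, merged_into = set(), {}
    for d in decisions:
        ids = d.get("ids") or []
        # Reject unknown actions, unknown ids, and any extra key (e.g. a rewritten "value").
        if (d.get("action") not in ALLOWED_ACTIONS or set(d) - {"action", "ids"}
                or not ids or any(i not in by_id for i in ids)):
            raise ValueError(f"rejected decision: {d!r}")
        if d["action"] == "exclude":
            excluded.update(ids)
        elif d["action"] == "merge":
            merged_into.update({i: ids[0] for i in ids[1:]})
    out = []
    for c in candidates:
        if c["id"] in excluded or c["id"] in merged_into:
            continue
        variants = [by_id[i]["value"] for i, t in merged_into.items()
                    if t == c["id"] and i not in excluded]
        out.append({**c, "variants": variants})  # values are copied, never rewritten
    return out

# Constructed sample input.
SEEDS = [("email", "Jane.Doe@Example.com"), ("email", "jane.doe@example.com "),
         ("phone", "+1 (555) 010-0199"), ("phone", "15550100199"),
         ("username", "jdoe_88"), ("username", "j.doe88"), ("username", "asdfgh")]
DECISIONS = [{"action": "merge", "ids": [2, 3]}, {"action": "exclude", "ids": [4]}]

if __name__ == "__main__":
    for item in apply_decisions(exact_dedupe(SEEDS), DECISIONS):
        print(item)
```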
Social Profile Analysis
Use Social Profile Analysis when the caller already knows the social profile URL(s) to analyze. The base match layer retrieves records from those profiles and returns posts, comments, videos, profile fields, and other evidence that match analyst criteria or a custom prompt.
Optional behavioral_analysis runs on top of the matched records. It can summarize behavior over time, identify escalation or repeated target mentions, assess risk signals when a target context is provided, and explain limits. This capability is not a person-resolution or candidate-profile discovery workflow.
Output guarantees
Responses are designed for downstream analysis, triage, and workflow integration. They are normalized API results, not raw-source evidence exports. Confidence is returned as likely or uncertain on each normalized result item.